-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Antivirus false positives
The file that you download may trigger a false positive alert in your antivirus program. This is fairly normal, a sign that the product you are using is decently capable, since it features detection methods a bit more advanced than what was state of the art in 1999. The program being flagged is usually done through heuristic analysis, not via a database of know viruses. That means that the antivirus program thinks that due to the nature of the code in this application, it likely may be a virus, a program that the user does not really mean to run. Injecting code into other executable programs is rarely done by legitimate programs. One such kind of legitimate programs is this patcher, that you deliberately choose to run and let it alter Explorer's code and memory in a controlled manner so that you achieve a certain effect. Thus, this patcher falls in the category of false positives: your antivirus thought such a program was not something you meant to run, but that's not the case this time.
There are numerous threads where people are discussing this from time to time, like this one where people discuss this. I personally cannot do anything regarding how some other products decides to flag a particular 3rd party file. To mitigate any potential risk of my development machine being compromised, the program files that you download are built automatically on GitHub's infrastructure. The public releases are never files compiled on my own computer, but rather built in a clean environment set up by GitHub. Also, the source code is always available for everything in the release, so you have all the tools necessary to make an informed decision. I vouch that this is not doing anything malicious, but you do not have to take my word for it, just go and inspect every aspect of it, it's all available.