Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Virus targetting qb64pe
#11
(10-25-2023, 07:59 PM)Dimster Wrote: b Did you dummy that down just for me? I apologize to the community here if I'm coming across as a bit of an idiot on this, it wasn't my coding on the date stuff but did find a math formula that seemed to be in a perpetual loop. I fixed that and no longer getting a compilation error and no virus warnings. Thing is I'd had that issue before and the computer just didn't stop running. It didn't trigger a compilation error so I'm still not sure what happened there but problem seems to be solved.

sorry, lack sleep here, poor judgement.
b = b + ...
Reply
#12
(10-25-2023, 05:22 PM)Dimster Wrote: Thanks guys. The D: drive is a thumb drive plugged into a USB port on my tower. I have gone thru D:\qb64p3-v3-64bit-29Aug22\qb64pe and I can't find a file stP1kAlM. It may already have been removed by Defender or, as Spriggsy suggests its a Temp file and there are a number of them I haven't searched.

I don't think I do have a virus. I think it's new coding I have been working with yesterday and today. The routine is capturing the Date and Time of day. I'm going to see if my code is doing more than just trying to capture the info. I'm also trying to get more proficient in mouse control for selection from multiple menus. bplus gave me some sample code to give me a helping boost on the topic and his code carries _Limit control. I see I have none of that in any of my mouse coding so maybe I have just over taxed my CPU with an endless Do Loop some where.

In any event, don't think it's a virus.

Your screenshot tells you what happened to the file: Defender removed it.  It's in quarantine (wherever Defender safely considers that to be), and you can only view or restore it via their software.  If everything still works, I'd just consider the issue done.  Defender didn't like something, you're not missing something, and you're both happy something is now gone.  Win-win, time for dinner!
Reply
#13
FWIW, Kaspersky AV was randomly triggered by components within my QB64 programs. I had to whitelist the QB64 folder.
Reply
#14
You are not alone. The other day Windows Defender decided to move QB64pe.exe to the quarantine bin and delete the desktop shortcut link also.

I had to add the file in question to the defender exclusion list. I think something piggy-backed a virus to the file.

Erik.
Reply
#15
Quote:virustotal.com
you must be joking right?

that site is a scam-over-scam
it is full of heuristic  scam detectors and jump on everything
it add false positive on everything
i hate that site Angry
Reply
#16
(11-08-2023, 08:26 AM)aurel Wrote:
Quote:virustotal.com
you must be joking right?

that site is a scam-over-scam
it is full of heuristic  scam detectors and jump on everything
it add false positive on everything
i hate that site Angry

Code: (Select All)
Bkav Pro
W64.AIDetectMalware
Acronis (Static ML)
Undetected
AhnLab-V3
Undetected
Alibaba
Undetected
ALYac
Undetected
Antiy-AVL
Undetected
Arcabit
Undetected
Avast
Undetected
AVG
Undetected
Avira (no cloud)
Undetected
Baidu
Undetected
BitDefender
Undetected
BitDefenderTheta
Undetected
ClamAV
Undetected
CMC
Undetected
CrowdStrike Falcon
Undetected
Cybereason
Undetected
Cylance
Undetected
Cynet
Undetected
DeepInstinct
Undetected
DrWeb
Undetected
Elastic
Undetected
Emsisoft
Undetected
eScan
Undetected
ESET-NOD32
Undetected
F-Secure
Undetected
Fortinet
Undetected
GData
Undetected
Google
Undetected
Gridinsoft (no cloud)
Undetected
Ikarus
Undetected
Jiangmin
Undetected
K7AntiVirus
Undetected
K7GW
Undetected
Kaspersky
Undetected
Kingsoft
Undetected
Lionic
Undetected
Malwarebytes
Undetected
MAX
Undetected
MaxSecure
Undetected
McAfee
Undetected
Microsoft
Undetected
NANO-Antivirus
Undetected
Palo Alto Networks
Undetected
Panda
Undetected
QuickHeal
Undetected
Rising
Undetected
Sangfor Engine Zero
Undetected
SecureAge
Undetected
SentinelOne (Static ML)
Undetected
Skyhigh (SWG)
Undetected
Sophos
Undetected
SUPERAntiSpyware
Undetected
Symantec
Undetected
TACHYON
Undetected
TEHTRIS
Undetected
Tencent
Undetected
Trapmine
Undetected
Trellix (FireEye)
Undetected
TrendMicro
Undetected
TrendMicro-HouseCall
Undetected
Varist
Undetected
VBA32
Undetected
VIPRE
Undetected
VirIT
Undetected
ViRobot
Undetected
Webroot
Undetected
Xcitium
Undetected
Yandex
Undetected
Zillya
Undetected
ZoneAlarm by Check Point
Undetected
Zoner
Undetected
Avast-Mobile
Unable to process file type
BitDefenderFalx
Unable to process file type
Symantec Mobile Insight
Unable to process file type
Trustlook
Unable to process file type

From just testing on that site, 71 of 72 virus detectors called QB64PE.exe clean.  Which goes to show that folks should always take those warnings with a grain of salt -- there's always the chance that the virus software you're using is going to be that ONE which flags things with a false positive!

When it comes to viruses, it's very unlikely that QB64 will ever get infected.  The source to build the code is right there at your fingertips.  If you ever suspect a virus, simply rebuild your own EXE yourself.  Unless you think we're shipping malicious code ourselves, or you think our github has somehow become infected with malicious source code, you shouldn't ever have to worry about "Gosh, is this file EVIL or not??"

Now, if you're one of those folks who click those links that claim, "CONGRATULATIONS!  YOU'RE OUR 100,000 VISITOR AND WON A NEW IPAD!", then who knows what viruses might be infecting your system.   The issue there, however, isn't that QB64PE is infected with a virus -- it's that your whole machine is now one big virus factory!!

Like always, the general best rule of thumb is:  "Simply whitelist your whole QB64PE folder and wherever you store your compiled EXE files."  EXEs compiled from scratch don't tend to hold viruses, trojans, or malware.  When your antivirus claims they do, it's just a false positive as it simply doesn't recognize the newly created software that it's never analyzed before in its existence.  Save yourself the hassle of those false positives -- whitelist your QB64PE folder!
Reply
#17
To be honest, I'd rather have an overprotective antivirus than one that doesn't flag an unsigned program as being possibly malicious.
Tread on those who tread on you

Reply
#18
Try to add exclusion list to Win10:

Go to Start > Settings > Update & Security > Windows Security > Virus & threat protection. Under Virus & threat protection settings, select Manage settings, and then under Exclusions, select Add or remove exclusions. Select Add an exclusion, and then select from files, folders, file types, or process. 

is not at all that easy but seems to work..

Erik.
Reply




Users browsing this thread: 1 Guest(s)