Bit Defender Anti-Virus Found Something in WebInstall Folder (2024.0218)

 

Today my anti-virus show a warning [Gen:Variant.Application.Bundler.Amonetize.124] about terminal.exe in the WebInstall folder.

Is it the problem with only me? Or someone else has the same situation?

Files:
Untitled-1.png  39 kb
Untitled-2.png  11 kb
 

Just ignore it - it is false alarm.

Forum on trading, automated trading systems and testing trading strategies

Errors, bugs, questions

Renat Fatkhullin , 2023.03.26 00:24

Occasionally, due to polymorphic protection, some file signatures may be similar to pests.

Please note that the swearing was simply due to an attempt to save an encrypted and signed update package (it cannot be launched), and not when running an unpacked exe file. That is, this is not a reaction to the executable file.

All update packages are signed with our additional RSA private key and cannot be saved to disk unless the package is verified with a public key. Therefore, there is no risk of getting the wrong file at all.

In addition, all executable files are digitally signed by our Code Signing

In general, as usual, a false alarm.


 
Sergey Golubev #:

Just ignore it - it is false alarm.


Thanks for reply. But the terminal.exe has been deleted by Anti-Virus.

So I need to retore the old file quarantined? or I can only wait the MT4 next automatically update?

 
googollien #:

Thanks for reply. But the terminal.exe has been deleted by Anti-Virus.

So I need to retore the old file quarantined? or I can only wait the MT4 next automatically update?

Same here. Bitdefender deleted my terminal.exe and I cannot open my MT4.

 

Go to your anti-virus setting, find terminal.exe file in your anti-virus program in "quarantine folder" or other folder/place, and make some actions (accept it as "false alarm" or any other actions proposed by your anti-virus program).

I have "360 Total Security" anti-virus, and yes - I got same warning and accepted it as "false alarm" and press "continue installation".
If not (if I did not press press "continue installation") so I need to open this anti-virus software in my computer, find terminal.exe file
and press something to be installed and so on.

--------------------------

False alarm is related to antivirus software, it means: we/you need to make an exceptions for this terminal.exe in anti-virus settings in your computer.

 

my Bitdefender

deleted the terminal.exe file

and not allow me to install it again

how can i fix that .. ??

 
Same happened to me just now. When I try to restore the file inside Quarantine is says "The System does not have rights to access the specific path. It seem Bitdefender is messing with things in the back all of a sudden. 
 
This seems to be related to MT4 build 1408. Only thing I could do is Uninstall BitDefender, which shouln't be necessary at all. Whitelisting didn't help either.
 
Sergey Golubev #:

Go to your anti-virus setting, find terminal.exe file in your anti-virus program in "quarantine folder" or other folder/place, and make some actions (accept it as "false alarm" or any other actions proposed by your anti-virus program).

I have "360 Total Security" anti-virus, and yes - I got same warning and accepted it as "false alarm" and press "continue installation".
If not (if I did not press press "continue installation") so I need to open this anti-virus software in my computer, find terminal.exe file
and press something to be installed and so on.

--------------------------

False alarm is related to antivirus software, it means: we/you need to make an exceptions for this terminal.exe in anti-virus settings in your computer.

It do not work, no any "continue installation" can be chosen, but when the web install try to update it after I had restored install file,

the anti-virus will kill files which just updated, then no MT4 can be run, and I can not copy it manually or restore failed, either.


I don't think this is a good way to let MT4 users to do such operation. Because all MT4 versions of other brokers were deleted, too, that's a huge trouble.


If it was caused by the thing of RSA private key, may be you smart guys can deal it with another new key which will not cause false alarm?

Otherwise, I believe brokers will be trouble too, if their users can not get update or new installation, right? I don't know.

 
googollien #:
I don't think this is a good way to let MT4 users to do such operation. Because all MT4 versions of other brokers were deleted, too, that's a huge trouble.

It is issue which is related to anti-virus software: false alarm.

It was same issue in past, and the traders contacted with anti-virus software developers, and they (anti-virus software developers) fixed this issue.
So, it is not related to Metatrader software developers at all.

My example.
terminal.exe file was deleted by my antivirus software, and I open this antivirus software - Virus Scan - Quarantine - and so on

And I placed this file to the trusted list of this antivirus software program.

Same actions can be done for any (or almost any) antivirus software.

------------------------

It was same issue in past, and the traders contacted with anti-virus software developers, and they (anti-virus software developers) fixed this issue.

I will not write the message to support of this anti-virus software program because they are from Beijing but I do not speak Chinese language.
So, it is more quickly (and effective) to place some files in Trusted List of this software.

It may be same action for any other anti-virus software programs.

 
Sergey Golubev #:

It is issue which is related to anti-virus software: false alarm.

It was same issue in past, and the traders contacted with anti-virus software developers, and they (anti-virus software developers) fixed this issue.
So, it is not related to Metatrader software developers at all.

My example.
terminal.exe file was deleted by my antivirus software, and I open this antivirus software - Virus Scan - Quarantine - and so on

And I placed this file to the trusted list of this antivirus software program.

Same actions can be done for any (or almost any) antivirus software.

------------------------

I will not write the message to support of this anti-virus software program because they are from Beijing but I do not speak Chinese language.
So, it is more quickly (and effective) to place some files in Trusted List of this software.

It may be same action for any other anti-virus software programs.

Okay, thank you for your instruction, but... other Anit-Virus does not give us any chance to add terminal.exe to whitelist,

because it deleted all terminal.exe of all MT4 installed in many folder with light speed, and always restore failed.

And if it has been deleted, then it can not be add to whitelist, the "Advance Threat Detection" function is working only on App (".exe"), couldn't been set on a folder,

so it is a deadlock when the ".exe" missing, or when you just copied it into folder, you won't have chance to set whitelist

because it will delete in light speed after the copy action just done...(sigh)


My Anti-Virus Bit Defender may be most popular on the world, I think there must be tons of MT4 users has the same problem,

if you smart guys of MetaQuotes don't contact Bit Defender or other Anti-Virus designers or change RSA private key of MT4,

I don't think we end-user can ask them add MT4 to white list, they will just ignore us.


BTW, I tried to fix it, and maybe can run, will post on next comment.