About False Alerts by Anti-Virus Software

[MetaQuotes]

In order not to write "A False Alarm" over and over again, one more time we make a statement:

1. Our software does not contain trojan or any other viruses (this is nonsense - our reputation and our work is very important to us).
   
   
2. All the authorized updates that are received by your terminals are checked for being additionally signed by our digital signature - no update can be accepted and installed if it has no digital signature (RSA 1024) of our revision builder.
   
   It means that if the terminal got a message "Update available", they are fully trusted and created within our company. Though updates are distributed via brokers' trade servers, brokers can't modify update packages, cause this will change digital signatures of the update archive.
   
   
3. All executable files of our programs are signed by trusted and verified digital certificates by Thawte, which guarantees that files will not be changed and proves our copyright.
   
   
4. Any anti-virus warnings about problems with updates or authorized installers (downloaded from files.metaquotes.net) are only incorrect interpretations.
   
   
5. Errors of anti-virus programs are based on heuristic engines that erroneously interpret Themida advanced protection system (developers' website http://www.oreans.com) as resembling a trojan or virus. The polymorph protection engine is subject to constant changes, influencing the detection by anti-virus software, producing one name or another.
   
   
6. Warnings are generated only by a few not very popular anti-viruses, who do not take the trouble of deep analysis. Instead they simply block all software protected by Themida (as for example AVG, who earnestly warn "Win32/Themida"). More responsible anti-viruses do not generate suchlike messages.
   
   
7. All builds of our software are automatically sent to AVG under the program "AVG Whitelisting Service" for software developer - we expect this will efficiently solve the problem of whitelisting.

[y5713-MKTrading]

Hello,

Some traders in our group including myself have had a detection. Mine was with Windows Security but others have been with other security software. I attach my detection notification and one from a fellow trader. Can you throw some light on this issue? What gives me pause is that it is the same virus that is detected.

Thank you.

[Sergey Golubev]

y5713-MKTrading #:

Hello,

Some traders in our group including myself have had a detection. Mine was with Windows Security but others have been with other security software. I attach my detection notification and one from a fellow trader. Can you throw some light on this issue? What gives me pause is that it is the same virus that is detected.

Thank you.

It is false alarm (it was discussed many times) so you can ignore it.

It was discussed many times, for example:

• https://www.mql5.com/en/forum/462628 (and about how to solve it)
• how to solve: post #16 and post #17 
• more.

Forum on trading, automated trading systems and testing of trading strategies

Virus detected in meta editor

Renat Fatkhullin , 2016.05.04 12:10

Please look at the digital signature of the file.

This is a false alarm due to the polymorphic protection engine of our programs.

[William Roeder]

You can also run the file through many checkers via https://www.virustotal.com

[y5713-MKTrading]

Sergey Golubev #:

It is false alarm (it was discussed many times) so you can ignore it.

It was discussed many times, for example:

• https://www.mql5.com/en/forum/462628 (and about how to solve it)
• how to solve: post #16 and post #17 
• more.

Thank you.