VIRUS or TROJAN that WIPES all Custom Experts, Indicator & Scripts ?!

 

Has anyone ever experienced this? I've searched the forum for viruses; nothing resembling this came up.

I left my old PC without antivirus when connecting this past month. Some viruses & trojans were listed when I installed some local antivirus. 'W32 Sality ad', 'pedopa', 'ilwe' are among what I suspect is causing this.

If I open my terminal, what was previously a fine indicator is left blank in the chart. The Expert journal only says 'Indicator x Compiling...'. Pre-installed MT indicators were unchanged.

Also, a trader friend of mine reports that his indicator went blank when live trading. I have no reason to second-guess him, though I didn't witness it; he's an experienced trader and a long-time user of MT.

Installing a new MT on a clean computer resolves my issue. But this is a bit alarming, and I'm surprised no one has made a peep about it.

 

I had the same issue. Reported it here on the forum, but I did not get any replies.

https://www.mql5.com/en/forum/128106 but I did not find any virus or malware on the machine. I thought Win7 did something because of the protected environment. Since then my MT is installed in a different location and I have had no issues.


//z

 
cameofx:

Has anyone ever experienced this? I've searched the forum for viruses; nothing resembling this came up. [...]

What exactly is getting wiped? Just the .ex4 files, or the .mq4 files as well?
 

cameofx:

But this is a bit alarming, and I'm surprised no one has made a peep about it.

A virus infection is always alarming, no matter whether you use your PC for trading or something else. This is nothing MT4 specific.

AV software is not there to allow you to install dangerous software, just like the airbag in your car is NOT there to allow you to drive carelessly and provoke accidents. If an accident (virus alarm) happened, then this is always a sign that you did something wrong!
 

Yes, it is unlikely to be MT4 specific; it is most likely a virus that attacks .exe files, and your MT4 files got caught by it too. I feel for you; anyone who has had their work destroyed by a virus knows how much that really sucks.

 

Hi,

I'm posting here because it is related.

Whenever I execute terminal.exe, my firewall warns of an attempt to execute shellcode. From the replies to my previous post (https://forum.mql4.com/35944), and my own findings, this is something to worry about.

Trying to install a fresh copy of MT4 does not solve the issue. I trust the broker, as it is global, regulated by NFA, and no concerns about it by anyone.

My guess is that VM (or VirusMakers) are specifically targeting MT4 to grab expert advisors they might find worthy.

Could someone help?

Thanks.

 
U should check terminal.exe through http://www.virustotal.com/. Post a link to the result here. I am betting on a false positive (i.e. we'll see that most big-name antivirus programs don't find anything).
 
gordon:
U should check terminal.exe through http://www.virustotal.com/. Post a link to the result here. I am betting on a false positive (i.e. we'll see that most big-name antivirus programs don't find anything).

I'm also betting on a false positive. And I'm still interested to know whether, in the earlier problem, it's only the .ex4 files which are disappearing, or whether it's the .mq4 files as well. If it's only the .ex4 files, then I'm betting on the following:

  • On startup, MT4 attempts to recompile all .mq4 files
  • Something is blocking the metalang compiler, as indicated in cameofx's original post. (As an example, I've seen the filemon utility cause metalang to fail. It's possible that either the virus or the anti-virus scanner is also doing whatever it is that metalang doesn't like.)
  • Therefore, the .ex4 file gets deleted at the start of the recompilation, and is never re-created.
You can sort-of simulate the same thing by closing MT4, editing a .mq4 file so that it contains a syntax error which will prevent it compiling, and then restarting MT4. The .ex4 file gets deleted when MT4 tries to compile it on startup.
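A triage sketch for the question raised above (only the .ex4 files missing, or the .mq4 files as well), added here as an example and not code from any poster or from MetaTrader. It goes one step further than the post by comparing against an earlier snapshot, so that scripts whose source and binary have both vanished are reported too; the `mt4_dir` parameter, the status labels and the sample file names are assumptions constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

def snapshot(mt4_dir):
    """Map each script (relative path without suffix) to the suffixes present."""
    root, found = Path(mt4_dir), {}
    for path in root.rglob("*"):
        suffix = path.suffix.lower()
        if path.is_file() and suffix in (".mq4", ".ex4"):
            stem = path.relative_to(root).with_suffix("").as_posix()
            found.setdefault(stem, set()).add(suffix)
    return found

def classify(current, baseline=None):
    """Label every script seen now or recorded in an earlier snapshot."""
    report = {}
    for stem, suffixes in current.items():
        if suffixes == {".mq4", ".ex4"}:
            report[stem] = "ok"
        elif suffixes == {".mq4"}:
            # Source survived, binary gone: matches a failed recompile.
            report[stem] = "source_only"
        else:
            # Normal for indicators distributed without source.
            report[stem] = "compiled_only"
    for stem in baseline or {}:
        if stem not in current:
            # Source and binary both removed: not explained by a compile failure.
            report[stem] = "both_missing"
    return report

def demo():
    """Constructed sample tree: take a baseline, remove files, re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "indicators").mkdir()
        for name in ("MyEA.mq4", "MyEA.ex4", "Gone.mq4", "Gone.ex4",
                     "indicators/MyInd.mq4", "indicators/MyInd.ex4",
                     "indicators/Vendor.ex4"):
            (root / name).write_bytes(b"")
        baseline = snapshot(root)
        for name in ("indicators/MyInd.ex4", "Gone.mq4", "Gone.ex4"):
            (root / name).unlink()
        return classify(snapshot(root), baseline)

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2, sort_keys=True))
```

A `source_only` result is consistent with the blocked-compiler explanation, while `both_missing` points to something deleting files outright.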
 
jjc:

I'm also betting on a false positive. And I'm still interested to know whether, in the earlier problem, it's only the .ex4 files which are disappearing, or whether it's the .mq4 files as well. If it's only the .ex4 files, then I'm betting on the following:

  • On startup, MT4 attempts to recompile all .mq4 files
  • Something is blocking the metalang compiler, as indicated in cameofx's original post. (As an example, I've seen the filemon utility cause metalang to fail. It's possible that either the virus or the anti-virus scanner is also doing whatever it is that metalang doesn't like.)
  • Therefore, the .ex4 file gets deleted at the start of the recompilation, and is never re-created.
You can sort-of simulate the same thing by closing MT4, editing a .mq4 file so that it contains a syntax error which will prevent it compiling, and then restarting MT4. The .ex4 file gets deleted when MT4 tries to compile it on startup.

In my case both mq4 and ex4 files disappeared.

But more interesting is that only my own coded files were affected; downloaded indicators were still there. Since that is too specific for a virus/hacker/whatever, I still bet on the protected "Program files" from Win7.

//z

 

Yes, it seems to be a false positive, according to VirusTotal.

I've deleted the firewall image from my previous message.

Thank you Gordon.

 
jjc:
What exactly is getting wiped? Just the .ex4 files, or the .mq4 files as well?

Thanks for the feedback, all...

Jjc,

Only the .ex4, which corresponds to the last message in the Expert tab: 'Indicator 'x' compiling...' [not successfully of course].

The Expert tab has also oftentimes been missing.

What you're betting on is what I hope to be the culprit too. But it's a whole different story when it is a direct attack on a trader when live trading, as was my friend's predicament. Picture yourself on a 26 pips profit targeting 60, and your broker wipes your indicators &/or experts during live trading; this is exactly what happened on my friend's terminal. He has experienced it twice.
