McAfee antivirus says my FB .exe files are viruses?

General discussion for topics related to the FreeBASIC project or its community.
Post Reply
BasicCoder2
Posts: 3906
Joined: Jan 01, 2009 7:03
Location: Australia

McAfee antivirus says my FB .exe files are viruses?

Post by BasicCoder2 »

Last week a trial version of the McAfee LiveSafe software that came with my recently purchased Window11 laptop declared it had removed a virus, one of my fb exe programs. Today it declared it had removed another virus, another fb compiled exe program. Why wait a week, the .exe along with all the others have been there for the same amount of time and what about all the other .exe I compiled? These .exe by the way were copied from a RAM stick which I used as back up.

I was under the impression window11 had its own anti virus protection which was updated on a regular basis along with any other updates?

Any thoughts or suggestions on the best way to protect myself from viruses, malware and so on?
Imortis
Moderator
Posts: 1923
Joined: Jun 02, 2005 15:10
Location: USA
Contact:

Re: McAfee antivirus says my FB .exe files are viruses?

Post by Imortis »

For most peoples internet usage, Windows Defender is fine. It is not "The Best" but it will protect you pretty well if you are keeping away from the shadier parts of the internet.

That said, McAfee in not a great product. Neither it or Norton are really good options if you need something extra. I have recently used Avira, both the free version and the paid version, and it is pretty solid. I am quite unhappy with the modern trend of even the paid version of antivirus' trying to upsell me on all the other crap they bundle along. Optimizers, Firewalls, Email protections, VPNs, and Crypto miners (yea, really).

It is a massive pain in the butt. Windows Defender is fine for most people.
fxm
Moderator
Posts: 12082
Joined: Apr 22, 2009 12:46
Location: Paris suburbs, FRANCE

Re: McAfee antivirus says my FB .exe files are viruses?

Post by fxm »

Me too, since Windows 10, I have no longer used additional anti-virus like Avast which I had before, but which is cumbersome to use and penalizes a lot the performance of the PC.
BasicCoder2
Posts: 3906
Joined: Jan 01, 2009 7:03
Location: Australia

Re: McAfee antivirus says my FB .exe files are viruses?

Post by BasicCoder2 »

Imortis

fxm

Thank you both for the responses. I will make sure Windows Defender in on and updated and rely on that while keeping away from any part of the internet that I think might be shady.
fxm
Moderator
Posts: 12082
Joined: Apr 22, 2009 12:46
Location: Paris suburbs, FRANCE

Re: McAfee antivirus says my FB .exe files are viruses?

Post by fxm »

The classic method is to uninstall the antivirus then restart Windows.
caseih
Posts: 2157
Joined: Feb 26, 2007 5:32

Re: McAfee antivirus says my FB .exe files are viruses?

Post by caseih »

Maybe it's a lost cause but you can submit the exes to McAfee as a false positive in hopes they can correct the issue. For whatever reason many EXEs produced by lesser-known compilers trip AV on Windows and have for years.

I also use only Windows Defender on Windows. And of course I also am careful with what I download and what sites I visit. First thing I do is remove the rubbish that ships with the computer and all the trial stuff and install my web browser of choice.
marcov
Posts: 3455
Joined: Jun 16, 2005 9:45
Location: Netherlands
Contact:

Re: McAfee antivirus says my FB .exe files are viruses?

Post by marcov »

caseih wrote: Jan 21, 2023 0:27 Maybe it's a lost cause but you can submit the exes to McAfee as a false positive in hopes they can correct the issue. For whatever reason many EXEs produced by lesser-known compilers trip AV on Windows and have for years.
Antiviruses have (at least) two layers. The classic layer scanning for known signatures, and the heuristic layer that tries to see if anything is "wrong" with a binary. Most of the problems come from that second layer.

That "wrong" can be anything. A signature of a library that is used in malware (there were lots of problems with Delphi binaries containing the standard socket library, when Russian malware authors used Delphi heavily), something wrong with the binary (PE) format that is not typically like how an average Visual Studio binary looks like, because it is made by a 3rd party linker etc etc.

The problem is that for this heuristic layer, the burden of proof is reversed, basically denying everything unless proven otherwise. IOW if your binary does not contain malware, but the heuristic say it isn't, it requires action on your part (like submitting the EXE) to get it whitelisted. If enough reports come for the same aspect of the heuristic scan, it may be made more specific or disabled

It is hopefully obvious that this makes it a popularity contest, with files from popular toolchains receiving less scrutiny (since that would bother the engineers), and the files from more obscure angles getting troubles easier.

The opinions on submitting vary. Sure, most sources say that it is good citizenship to submit, otherwise nothing will ever change. But many report continuing problems because the chances that some new build will block in the next weeks by the same antivirus are relatively high.

There are other things too. Avoid certain techniques, like exe packers, binary format modifiers, obscure linkers (PE deviations!, certain hand coded assembler with odd framing (e.g. setjump exception code while SEH is standard), and libraries that use such techniques. Some people have said just linking to certain visual studio runtimes (increasing requirements) decreases antivirus problems.
I also use only Windows Defender on Windows. And of course I also am careful with what I download and what sites I visit. First thing I do is remove the rubbish that ships with the computer and all the trial stuff and install my web browser of choice.
I disable Windows Defender on most systems that I use for work and go without, though that has more to do with general slowliness and using SDKs for ethernet based camera systems. Antiviruses intercepting and slowing often confuses the detection process. I have been doing this for 15+ years now, and not got one single virus.

I have an old laptop that I use for banking, taxes etc (in the NL you don't get a refund for certain forms of banking fraud if you don't have an up to date antivirus)
Post Reply