CircuitBlocks Malware/Virus detected

Hi,

I’m receiving an alert from Windows Defender when trying to install CircuitBlocks. It blocks the program from installing due to unsafe files detected in the package installer. Running the files through AVG throws up similar results with an IDP.Generic alert due to suspicious behaviour. It doesn’t seem to be detecting anything in particular; it just notices that something is behaving similarly to malware. Is this a false positive? If so, what exactly would be causing Defender and AVG to be identifying it as unsafe?

Thanks,

Marc

I don’t know CircuitBlocks from Adam (I’m strictly a C++ kind of guy). But if CircuitBlocks was written in Python and then compiled to a Windows .exe file using pyinstaller, then this is a known problem caused by pyinstaller - generating .exe files that falsely test positive for a virus.

Thanks for your response. I think you might be right. I’ve done some more reading into this and it appears to be a common problem with the pyinstaller pre-compiled bootloaders. The default bootloader binaries have been used extensively in malware and virus installers. Lots of chat about it on Stack Exchange.

Hello!

CircuitBlocks is programmed in NodeJS with Electron and built using Electron builder. The app is free open source software, and the source code is available on our GitHub. Every line of code in the app was programmed by me and another colleague, and the binary releases are compiled by me personally, so there is no possibility that any malicious code ended up in the app and this is most likely a false positive.

We’ve actually gotten a few reports from other people that AVG and McAfee are classifying CircuitBlocks as suspicious, and we are investigating why this has happened and working on getting in touch with the AV companies to resolve this error.

One reason I suspect this might have happened at this stage is the fact that when CircuitBlocks runs the first time it installs the Arduino IDE, arduino-cli and all the required components and platforms required for compiling our devices. Since a lot of viruses work by disguising themselves as a legit program and then installing malware, it is possible that the defender detects CircuitBlocks installing other programs and flags it as suspicious behaviour.

I can assure you that there is nothing malicious going on with CircuitBlocks, and you can tinker with your devices without fear of infecting your PC by using the app.

Filip

Bitdefender and Windows Defender give the same results.
Can’t install CircuitBlocks because of malware etc.

Even if I manage to install the software, it’s being blocked by the defense software.
The only way to use the software is to shut down every defense I have.
