starred/Quasar

Fork 0

mirror of https://github.com/quasar/Quasar.git synced 2026-04-26 07:45:57 +03:00

[GH-ISSUE #1097] Will hosting this program on my computer put me at risk? #799

New issue

Closed

opened 2026-02-27 15:51:53 +03:00 by kerem · 20 comments

kerem commented

2026-02-27 15:51:53 +03:00

Owner

Originally created by @tomjonesius on GitHub (Oct 5, 2022).
Original GitHub issue: https://github.com/quasar/Quasar/issues/1097

I downloaded the .zip file, extracted it to a folder, then moved it to my external hard drive. I then disconnected and did a virus scan, and three issues were found by BitDefender in locations nowhere near where I originally saved the files. Have I just inadvertently infected myself? I have removed the 'threats' and will leave my hard drive disconnected for the time being.

Originally created by @tomjonesius on GitHub (Oct 5, 2022). Original GitHub issue: https://github.com/quasar/Quasar/issues/1097 I downloaded the .zip file, extracted it to a folder, then moved it to my external hard drive. I then disconnected and did a virus scan, and three issues were found by BitDefender in locations nowhere near where I originally saved the files. Have I just inadvertently infected myself? I have removed the 'threats' and will leave my hard drive disconnected for the time being.

kerem closed this issue

2026-02-27 15:51:53 +03:00

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@edcdecl commented on GitHub (Oct 5, 2022):

which zip file.

@edcdecl commented on GitHub (Oct 5, 2022): **___which___** zip file.

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@tomjonesius commented on GitHub (Oct 5, 2022):

The one found here (this repository)

https://github.com/quasar/Quasar/archive/refs/tags/v1.4.0.zip

@tomjonesius commented on GitHub (Oct 5, 2022): The one found here (this repository) https://github.com/quasar/Quasar/archive/refs/tags/v1.4.0.zip

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@edcdecl commented on GitHub (Oct 5, 2022):

are you sure they were exe's and not just data files?
edit: data files are stored in your user account's appdata/roaming folder

@edcdecl commented on GitHub (Oct 5, 2022): are you sure they were exe's and not just data files? edit: data files are stored in your user account's appdata/roaming folder

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@BurntDog commented on GitHub (Oct 5, 2022):

Make sure you get this software from here only. FYI just by being connected to the internet alone your at risk. This program itself has proven secure.

@BurntDog commented on GitHub (Oct 5, 2022): Make sure you get this software from here only. FYI just by being connected to the internet alone your at risk. This program itself has proven secure.

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@tomjonesius commented on GitHub (Oct 5, 2022):

I don't think any of the 3 were .exe files. However I never actually ran the program so how would the files have gotten in my system?

@tomjonesius commented on GitHub (Oct 5, 2022): I don't think any of the 3 were .exe files. However I never actually ran the program so how would the files have gotten in my system?

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@BurntDog commented on GitHub (Oct 5, 2022):

https://github.com/quasar/Quasar/releases/download/v1.4.0/Quasar.v1.4.0.zip

@BurntDog commented on GitHub (Oct 5, 2022): https://github.com/quasar/Quasar/releases/download/v1.4.0/Quasar.v1.4.0.zip

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@edcdecl commented on GitHub (Oct 5, 2022):

if you didnt run quasar then theyre 100% unrelated.

@edcdecl commented on GitHub (Oct 5, 2022): if you didnt run quasar then theyre 100% unrelated.

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@tomjonesius commented on GitHub (Oct 5, 2022):

My AV identified them as Quasar and one came up as a password stealer (i think client.bin?)

@tomjonesius commented on GitHub (Oct 5, 2022): My AV identified them as Quasar and one came up as a password stealer (i think client.bin?)

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@edcdecl commented on GitHub (Oct 5, 2022):

client.bin is a file that quasar uses to generate the client
because client.bin probably the entire client code, it detects client.bin as a wide variety of threats (password stealer is their way of saying password recovery)

@edcdecl commented on GitHub (Oct 5, 2022): client.bin is a file that quasar uses to **___generate the client___** because client.bin probably the entire client code, it detects client.bin as a wide variety of threats (password stealer is their way of saying password recovery)

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@tomjonesius commented on GitHub (Oct 5, 2022):

How did it end up in my files without me opening the program though? That's the part that's got me concerned

@tomjonesius commented on GitHub (Oct 5, 2022): How did it end up in my files without me opening the program though? That's the part that's got me concerned

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@edcdecl commented on GitHub (Oct 5, 2022):

client.bin is part of quasar. it's in the zip file.

@edcdecl commented on GitHub (Oct 5, 2022): client.bin is _part_ of quasar. it's in the zip file.

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@tomjonesius commented on GitHub (Oct 5, 2022):

I know, however, the .zip file was not even on my machine when I did the scan

@tomjonesius commented on GitHub (Oct 5, 2022): I know, however, the .zip file was not even on my machine when I did the scan

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@edcdecl commented on GitHub (Oct 5, 2022):

your av probably quarantined it. explains why client.bin wasnt where you put quasar.

@edcdecl commented on GitHub (Oct 5, 2022): your av probably quarantined it. explains why client.bin wasnt where you put quasar.

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@BurntDog commented on GitHub (Oct 5, 2022):

If you don't understand how these programs work it's best for you not to use it until you do.

@BurntDog commented on GitHub (Oct 5, 2022): If you don't understand how these programs work it's best for you not to use it until you do.

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@tomjonesius commented on GitHub (Oct 5, 2022):

Can you point me in a helpful direction to find out more

@tomjonesius commented on GitHub (Oct 5, 2022): Can you point me in a helpful direction to find out more

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@BurntDog commented on GitHub (Oct 5, 2022):

There are videos on YouTube that help you better understand this app. That client.bin file alone can't do anything. It's used in both compiling or setting up this app.

@BurntDog commented on GitHub (Oct 5, 2022): There are videos on YouTube that help you better understand this app. That client.bin file alone can't do anything. It's used in both compiling or setting up this app.

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@tomjonesius commented on GitHub (Oct 5, 2022):

Ok so just to clarify.
BitDefender is tripping and my computer is fine?

@tomjonesius commented on GitHub (Oct 5, 2022): Ok so just to clarify. BitDefender is tripping and my computer is fine?

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@edcdecl commented on GitHub (Oct 5, 2022):

yes. a program can't do anything unless you invoke it.

@edcdecl commented on GitHub (Oct 5, 2022): yes. a program can't do anything unless you invoke it.

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@MaxXor commented on GitHub (Oct 5, 2022):

@ErickDaCoder @BurntDog Thanks for covering this issue. I think everything to get in the right direction has been said. You can also check out this guide: https://github.com/quasar/Quasar/wiki/Getting-Started

However, @tomjonesius I don't think this AV scan is meaningful if you didn't do a scan BEFORE and AFTER downloading Quasar. It could be possible that you had a virus on your computer for weeks and just now noticed it.

@MaxXor commented on GitHub (Oct 5, 2022): @ErickDaCoder @BurntDog Thanks for covering this issue. I think everything to get in the right direction has been said. You can also check out this guide: https://github.com/quasar/Quasar/wiki/Getting-Started However, @tomjonesius I don't think this AV scan is meaningful if you didn't do a scan BEFORE and AFTER downloading Quasar. It could be possible that you had a virus on your computer for weeks and just now noticed it.

kerem commented

2026-02-27 15:51:54 +03:00

Author

Owner

@knackrack615 commented on GitHub (Oct 8, 2022):

Probably what happened here is OP used WinRAR's drag and drop function to extract Quasar, WinRAR will temporarily drop the files on %temp% when extracting that way, that's most likely what was detected.

@knackrack615 commented on GitHub (Oct 8, 2022): Probably what happened here is OP used WinRAR's drag and drop function to extract Quasar, WinRAR will temporarily drop the files on %temp% when extracting that way, that's most likely what was detected.