Ticket #40451

Virus Reported by Avast and Others in compiled code

Open Date: 2020-05-30 11:49 Last Update: 2020-05-31 04:51

Reporter:
Owner: (None)
Type:
Status: Closed
Component: (None)
MileStone: (None)
Priority: 1 - Lowest
Severity: 5 - Medium
Resolution: Rejected
File: None

Details

When I downloaded MinGW to my new HP laptop running Windows 10, I compiled a 2-line Hello World program in C with gcc. Avast reported a Win32:TrojanX-gen virus. Going to virustotal.com, 31 of 72 antivirus products reported a virus or similar. Clearly, the problem could not be in my 2-line program, so it must be in a library.

This problem must be fixed ASAP!

Thank you.

Ticket History (3/3 Histories)

2020-05-30 11:49 Updated by: henrymwalker
  • New Ticket "Virus Reported by Avast and Others in compiled code" created
2020-05-30 19:40 Updated by: keith
  • Priority Update from 7 to 1 - Lowest
  • Resolution Update from None to Rejected
  • Status Update from Open to Closed
Comment

> This problem must be fixed ASAP!

Nope. You must prove, with near 100% certainty, that it is not a false positive. Right now, you are yelling "trojan", but offer me only 43% confidence in your assessment — and you aren't even prepared to assert that every one of the potential false positives relates to identically the same trojan; couple that with my 0% confidence in any antivirus product — especially any which is commercially motivated to exploit the naïve — and I must do no more than treat this report with the contempt which any such knee-jerk reaction deserves. It's entirely your choice how you wish to proceed, but we are under no obligation to do anything here.

2020-05-31 04:51 Updated by: henry_walker
Comment

You claim this is likely a false positive, and of course that may be true---but it also may not be.

In the past, my experience has been that reports of a virus being present are true---but mostly I work on Linux and Mac platforms---I'm new to Windows 10. The first virus code I encountered was in email which I received on a Linux platform---perhaps 10-15 years ago. Rather than opening an attachment in the usual way, I saved the attachment and looked at it with emacs---not executing the file. After hand tracing the code, the nature of the virus was clear. In the current Windows 10 environment, hand tracing binary code does not seem practical.

With this background, how would you propose determining if this is a false positive? Guidance would be appreciated, as I certainly will not run code that has a moderate chance of being unsafe.

I look forward to constructive suggestions.

(Edited, 2020-05-31 07:57 Updated by: henry_walker)

Attachment File List

No attachments
