Sign in to follow this  
ClayMontgomery

False positive on my C++ program?

Recommended Posts

Hello,

  I am compiling a program named "Lightwing" using Microsoft Visual Studio Express 2010. Adaware claims it contains a trojan virus and deletes it even though I just compiled it. Each time I recompile lw.exe the virus is reported again.  I have attached my freshly compiled lw.exe and the Adaware report log lists this:

        <InfectedObject ObjectType="File" ObjectPath="\\?\C:\lightwing\source\build\WindowsVC2010\Release\lw.exe" ParentContainers="" InnerObject="" ObjectStatus="Deleted" ThreatType="Virus" ThreatName="Gen:Variant.Trojan.Crypt.64" />

Please advise if this is a false positive and how should I fix it.

Thanks, Clay

AdawareFalsePositiveReport.png

lw.exe

Share this post


Link to post
Share on other sites

Hi Clay,

I've reported your issue to my contact person. I assume it's a false positive and you aren't writing malicious code. Please note that you can exclude folders in adaware antivirus: https://www.adaware.com/user-guide/manage_exclusions
I think that is a good solution to configure development folders to not be scanned.

Share this post


Link to post
Share on other sites

Hi Cecilia,

  I can't just ignore this because I need to distribute my app. It must be clean and not be flagged as infected. It's not my code I am concerned with, but Microsoft Visual Studio links in many libraries and the C++ runtime binaries, which could perhaps be infected or trigger false positives. Either way, I must fix it and I would appreciate any help.

The 2010 version of MSVC is obviously old, but that should not be an issue, is it?

Maybe the MSVC executable is infected, but shouldn't Adaware clean that?

Thanks, Clay

 

Share this post


Link to post
Share on other sites
11 hours ago, ClayMontgomery said:

Maybe the MSVC executable is infected, but shouldn't Adaware clean that? 

You're welcome :)

If that is the case, adaware antivirus would find it during a scan of the computer, or when you use it. Since all antivirus programs can miss some files, you can upload it to https://www.virustotal.com/ to check it against many antivirus programs.

You can do that with your own app too and since adaware antivirus gets many definitions from Bitdefender, if it is flagged by Bitdefender, please upload it to Bitdefender: https://www.bitdefender.com.au/support/what-to-do-when-bitdefender-detected-a-clean-file-as-infected-(false-positive)-851.html

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this