Antivirus detecting compiled C++ files as trojans

This could be caused by two things

  1. It really is a trojan, you downloaded your mingw from some places where its code was altered to add a virus inside each program you create. This is done for almost all the commercial compilers, all "free" (cracked) version have that code inside them, each time you compile your code the virus is added to your exe.

  2. The hash of your exe for some reason matched an existing virus, you can confirm if this by altering one characters in your code for example "hello world!" to "hello world?" and see if it is still considered as a virus, if yes, there is a very high chance that your compiler adds viruses to your programs.


The issue has come up before. Programs compiled with mingw tend to trigger the occasional snake oil (i.e., antivirus program) alarm. That's probably because mingw is a popular tool chain for virus authors and thus its output matches generic patterns occurring in true positives. This has come up over and over again, also on SE (e.g. https://security.stackexchange.com/questions/229576/program-compiled-with-mingw32-is-reported-as-infected). [rant] In my opinion that's true evidence of incapacity for the AV companies because it would be easy to fix and makes you wonder whether the core functions of their programs are better implemented. [/rant]

Your case is a bit suspicious though because the number of triggered AV programs is so large. While I have never heard of a compromised mingw, and a cursory google search did not change that, it's not impossible. Compromising compilers is certainly an efficient method to spread a virus; the most famous example with an added level of indirection is the Ken Thompson hack.

It is also certainly possible that your computer is infected with a non-mingw-originating virus which simply inserts itself into new executables it finds on disk. That should be easy to find out by the usual means. A starting point could be to subject a few other (non-mingw) new executables to the online examination; they should trigger the same AV programs.

Note that while I have some general IT experience I have no special IT security knowledge; take everything I say just as a starting point for your own research and actions.

Tags:

C++

Antivirus

Trojan

Related

How to make this illumination effect with CSS Undefined class StorageReference when using Firebase Storage SQLAlchemy accessing column types from query results Pipfile Hash Creation Overloading of hidden friends by differences only in (mutually exclusive) requires-clauses: legal or an ODR-violation? Should Domain Model Classes always depend on primitives? [karma-server]: TypeError: Cannot read property 'range' of undefined - Angular Unit Testing in CI environment 'setter for mainClassName: String' is deprecated. Deprecated in Java Predefined type 'System.Runtime.CompilerServices.IsExternalInit' is not defined or imported Faster way for extracting and combining bits from UINT16 to UINT8 Regex to match a string like ababba etc Place two multiline TextViews with wrap_content width on both sides of the parent view

Recent Posts