Menu
Basically, I just ran a scan of my computer with Malwarebytes (updated the definitions before running), and it said my "helloworld" program written in C# has a trojan.
I know for a fact this is a false positive, as I only wrote the program 2-3 days ago and followed a small tutorial website to make the program that I trust. I am new to C#, but I can't see anything that would give a trojan warning at all.
The program flags the executable, but not the source file.
using System; namespace HelloWorldApplication { class HelloWorld { static void Main(string[] args) { Console.WriteLine("\n\tHello World!"); Console.WriteLine("This is my first C# program.\nI'm so proud of myself!"); Console.WriteLine("\tTeehee!"); } } } This is the code, written in Notepad++, and it is run from the command-line (Cygwin, actually). Why does it flags this? Is it something that, as a budding C# programmer, I should know about?
770
In fact, Malwarebytes detects all known Trojans and more, since 80% of Trojan detection is done by heuristic analysis. We even help mitigate additional infection by cutting off communication between the inserted malware and any backend server, which isolates the Trojan.
The best way to clean up a Trojan infection is to use Malwarebytes' free trojan scanner, and then consider Malwarebytes Premium for proactive protection against future Trojan infections. Malwarebytes Premium will initiate a scan for Trojans and then remove Trojans so they can't cause further damage.
Malwarebytes Anti-Malware Free uses industry-leading technology to detect and remove all traces of malware, including worms, Trojans, rootkits, rogues, dialers, spyware, and more. It is important to note that Malwarebytes Anti-Malware works well and should run alongside antivirus software without conflicts.
A Trojan Horse Virus is a type of malware that downloads onto a computer disguised as a legitimate program. The delivery method typically sees an attacker use social engineering to hide malicious code within legitimate software to try and gain users' system access with their software.
The problem could be that the Backdoor.MSIL.PGen Trojan is typically called 'hello.exe'. The name of your executable is presumably 'hello.exe' or 'helloworld.exe'.
Just rename your project or change the output executable to something not containing 'hello', and it should stop detecting it.
This answer is somewhat speculative, but given the name of your project, and a history of over-aggressive detection of this malware (see here), it seems a reasonable stab.
73
The answer by Baldrick is likely correct, but there is also another possibility: There are viruses which search for random executables on the system and modify them by inserting their own code into them (this is, in fact, the original definition of "computer virus"). When you find that an executable which you know is trustworthy suddenly is reported as infected, you might be dealing with such a virus.
But unless your virus scanner reports other executables as the same virus, this is unlikely.
23
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
