1

I wanted to try out the TCC and got the Win32 Binary zip file from the website. upon decompressing it I tried to compile the "hello_win.c" source from the example directory. As soon as the compiler tried to write to the disk McAfee Popped up a dialog box and identified a Trojan named "Generic.dx." Has anyone else experience this? Dropping a virus into a compiler would be a sneaky, but brilliant, delivery mechanizism. I just want to know if this is a legit threat.

NoMoreZealots
  • 5,274
  • 7
  • 39
  • 56
  • "http://bellard.org/tcc/" Someone is trying to close the message, if a compiler is being used to spread viruses that's a concern to the people of THIS website! – NoMoreZealots Apr 01 '10 at 22:09
  • After having scanned the files in question, I would not worry all that much, it's probably just that tcc is commonly used by virus writers to compile their code, so that the corresponding binaries may contain signatures that trigger antivirus heuristics – none May 16 '10 at 12:14
  • That's the best answer I've seen... You should post it as an answer instead of a comment so I can accept it. – NoMoreZealots May 24 '10 at 21:16
  • There is still a lot of antivitus detectors including McAfee (10/20 on jotti) still think this is a tojan! http://www.threatexpert.com/threats/win32-suspectcrc.html – David Allan Finch Apr 05 '12 at 07:12

3 Answers3

2

Have you tried any other virus scanners? McAfee is notorious for false positives. What does the TCC website say about it? Have you googled it? I'd rather doubt it is actually a virus.

Byron Whitlock
  • 52,691
  • 28
  • 123
  • 168
2

Upload your *.exe file to http://www.virustotal.com/ to see which Anti-Virus scanners react to the file. I have had similar issues with Delphi. (See discussion at Wikipedia.)

Andreas Rejbrand
  • 105,602
  • 8
  • 282
  • 384
0

By definition, compilers modify executable files. It is quite possible that your antivirus is flagging this behaviour as a "generic" virus. If you download your executables from a reputable source, and if they pass virus detections inside tcc.exe itself, most likely this is a false warning.

mikijov
  • 1,552
  • 24
  • 37