clang-18.exe virus report

[VarunAgw]

Since the new update (which seem to release today or yesterday), I am getting this virus warning

I use Avast

[m417z]

It's a false positive. The clang-18.exe file is part of the LLVM MinGW project: https://github.com/mstorsjo/llvm-mingw/releases/tag/20240619

Please report it to Avast.

Meanwhile, you might want to add it to Avast's exclusion list.

[pushcom]

I had the same problem with Eset and i reported it to them.

[VarunAgw]

1. I don't add any program to exclusion list. You are a reputed developer but what happen if your github is hacked and impersonator is asking us to add program to exclusion?

2. I downloaded and extracted both llvm-mingw-20240619-msvcrt-x86_64.zip and llvm-mingw-20240619-ucrt-x86_64.zip. Avast don't detect any malware in them. It only report issue in your program.

[m417z]

1. I support this approach. You can wait for an answer from Avast or build the necessary code yourself.
2. You're welcome to compare both files to make sure that they are byte-to-byte equivalent. I assume Avast not only detected the file itself, but the way Windhawk executed it, maybe related to the command line flags used. With AV heuristics, it's difficult to know.

Also, a great blog post on the topic, old but still very much relevant: Antivirus companies cause a big headache to small developers

[pushcom]

Eset wrote back:

The file should not be detected any more.