Search code examples
c++visual-studio-2017

Loudicrouz.J virus in visual studio 2017

I was making a simple Console based C++ application and made a loading bar using Visual Studio 2017. I encountered an error having a prompted message that my code contains potentially bugs or viruses. Microsoft Security detects it as Torjan:Win32/Loudicrouz.J (severe).

Here's my code:

#include <iostream>
#include <conio.h>
#include <cstdlib>
#include <time.h>
#include <Windows.h>

using namespace std;

class loading_bar {
    int loading_percentage;
    int loading_per_increment;
public:
    loading_bar();
    void print_loading_bar();
    void delay(int);
};

void loading_bar::delay(int milliseconds)
{
    clock_t start = clock();
    while ((clock() - start) * 1000 / CLOCKS_PER_SEC < milliseconds) {

    }
}

loading_bar::loading_bar() {
    loading_percentage = 0;
    loading_per_increment = 1;
}

void loading_bar::print_loading_bar() {
    for (; loading_percentage < 50; loading_percentage++) {
        system("cls");
        cout << "\n\n\n\n";
        cout << "\t\t\t\t";
        cout << "--------------------------------------------------\n";
        cout << "\t\t\t\t";
        cout << "|";
        for (int i = 0; i < loading_percentage; i++) {
            cout << char(219);
        }
        for (int j = 49 - loading_percentage;j>0; j--) {
            cout << " ";
        }
        cout << "|\n";
        cout << "\t\t\t\t";
        cout << "--------------------------------------------------\n";
        delay(100 / loading_per_increment);
    }
}

Though my code is working fine and still I don't know what's the reason behind this virus. I was unable to find the issue where it's been caused.

Solution

  • The delay() method might be the culprit where you're waiting in the loop:

    void loading_bar::delay(int milliseconds)
{
    clock_t start = clock();
    while ((clock() - start) * 1000 / CLOCKS_PER_SEC < milliseconds) {

    }
}

    Replace it with Sleep() like this:

    void loading_bar::delay(int milliseconds)
{
    Sleep( milliseconds );
}

    Most probably, your antivirus runs your executable in a sandbox environment and observes its behavior i.e. API calls. That waiting in the loop triggers some rule of the antivirus detection mechanism that this might be suspicious as the code is waiting for a particular time to execute some malicious stuff. Using the Sleep() function didn't trigger it so now it's resolved. I hope it helps!