In nightly build 13855 of Code::Blocks, the file cb_console_runner.exe is being flagged as malicious by a significant number of antivirus engines.
File: cb_console_runner.exe
Build: nightly build 13855
SHA-256: 31c3ed2d47e9be928633d365c8471d87ee8a8fd5a291356f9ff99a3c82be9071
VirusTotal detections: 25/70
VirusTotal report: https://www.virustotal.com/gui/file/31c3ed2d47e9be928633d365c8471d87ee8a8fd5a291356f9ff99a3c82be9071
25 out of 70 engines flagging the file is a fairly high detection rate and does not look like an isolated false positive. Could someone please investigate whether the build environment or toolchain may have been compromised, or otherwise clarify why this binary is triggering so many detections?
cb_console_runner.exe from current trunk (13881) compiled with GCC8.1 is not flagged at all. This looks like an heuristic false positive; A virus possibly have used the same compiler as the nightly build so some code fragments match.
What is the
cb_console_runner.exefile actually required for? It seems that C::B works fine even without this file.It is used to run console targets when clicking on "Build and run", it will show execution time and ask for a key on exit.
I managed to solve the problem on my own.
I simply compiled the file https://sourceforge.net/p/codeblocks/code/HEAD/tree/trunk/src/tools/ConsoleRunner/main.cpp using
mingw-w64-ucrt-x86_64-gccversion 16.1.My file does not have a single detection on VirusTotal (0/70): https://www.virustotal.com/gui/file/f9b9b4d8b8a4f0014b8ca9abf2c76bb236c9ddfc3dd1837e04c255dea150bcf3
It is unclear how the nightly build of C::B 13855 was compiled by C::B team, since this file triggered so many antivirus detections (25/70). Sure, false positives do sometimes happen, but definitely not in the same numbers.
If anyone needs my file, I have added it as an attachment.
Last edit: RoyalX 2026-07-04