VisualD.dll flagged during VisualD 0.45.0 installation as Trojan by McAfee
Rainer Schuetze via Digitalmars-d-ide
digitalmars-d-ide at puremagic.com
Thu Aug 3 09:58:33 PDT 2017
On 03.08.2017 14:00, ShadoLight wrote:
> Hi,
>
> For other users of McAfee AV software: Note that, during the
> installation of VisualD 0.45.0, the VisualD.dll is detected as
> GenericRXBS-NK!9A26B67896F trojan by my McAfee AV (Enterprise v8.8 in my
> case).
>
> Since I have been using VisualD (and D) for practically forever I am
> sure this is a false-positive, and caused by McAfee's new-fangled
> 'generically detected malware' algorithm!
>
> I tried using the Quarantine Manager to 'restore' VisualD.dll, but this
> does not work since McAfee does not 'remember' previously restored
> files, and quarantine it every time VS loads the DLL.
>
> Since this is a corporate PC I cannot disable McAfee, so this even stops
> me from ZIPping the damn DLL (to email to McAfee for analysis).
>
> I'll have to revert to VisualD 0.45.0-rc2 for now, but it would be
> useful if someone can report this according to [1).
>
> [1]: https://kc.mcafee.com/corporate/index?page=content&id=KB85567
>
It seems this is getting worse for dmd built executables.
VirusTotal also shows the McAfee failures, and 3 other engines complain,
too. If I build Visual D against the MS-Runtime instead of the
DigitalMars-Runtime, no virus is detected.
Unfortunately the DLL grows from 3 MB to 9 MB, which seems to uncover a
bug somewheree in the tool chain. That might not be a show stopper,
though, and I wanted to switch to the COFF builds eventually anyway.
The autotester has also created the same version, maybe it passes McAfee
as is:
https://ci.appveyor.com/project/rainers/visuald/build/job/2g40k1pgyxg58avv/artifacts
It isn't built with the precise GC, though, so it might eat a bit more
memory if you edit large files.
More information about the Digitalmars-d-ide
mailing list