wilzbach / tools-test


Trojan Win32/Ipac.B!cl detected on dmd-2.071.1.exe #141

Closed wilzbach closed 7 years ago

wilzbach commented 8 years ago

Note: the issue was created automatically migrated from https://issues.dlang.org

Original bug ID: BZ#16405
From: Jonathas <jdcbranco@gmail.com>
Reported version: D2
CC: b2.temp@gmx.com, code@dawg.eu, dlang-bugzilla@thecybershadow.net, @wilzbach, jdcbranco@gmail.com, lodovico@giaretart.net

wilzbach commented 8 years ago

Comment author: Jonathas <jdcbranco@gmail.com>

Created attachment 1609: Windows Defender screenshot

Downloading the DMD compiler version 2.071.1 for Windows triggered my antivirus system. Please run scans on the offered download version of dmd.

Attached file: screenshot.png (image/png, 98245 bytes) Description: Windows Defender screenshot

wilzbach commented 8 years ago

Comment author: Lodovico Giaretta <lodovico@giaretart.net>

(In reply to Jonathas from comment BZ#0)

Downloading the DMD compiler version 2.071.1 for Windows triggered my antivirus system. Please run scans on the offered download version of dmd.

It's a false positive. It is safe. You can check Martin Nowak's signature on it [1].

So the real problem is finding a way to prevent antiviruses from flagging it, as it's definitely not a virus.

[1] https://dlang.org/gpg_keys.html
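As an added example (not part of the issue thread), this is the signature check suggested above as a defender would run it, done offline with a constructed throw-away key standing in for the real key published at https://dlang.org/gpg_keys.html; the detached-signature file name (`<installer>.sig`) is an assumption.

```shell
# Added example, not from the thread: verify a release against its detached
# GPG signature, then show that a modified download fails the same check.
# The key is a constructed throw-away key (real downloads: import the key
# from https://dlang.org/gpg_keys.html); the ".sig" name is an assumption.

# Verify FILE ($1) against detached signature SIG ($2) with the keys in
# $GNUPGHOME. gpg exits 0 only for a good signature from a known key.
verify_release() {
    gpg --batch --quiet --verify "$2" "$1" 2>/dev/null
}

# Offline round trip: create a key, sign a constructed "installer", confirm
# the signature verifies, then append one byte and confirm verification
# fails (this is what a tampered or trojaned download looks like).
demo_verify() {
    export GNUPGHOME
    GNUPGHOME=$(mktemp -d /tmp/gpgdemo.XXXXXX) || return 1
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key 'Constructed Key <release@example.invalid>' \
        default sign never 2>/dev/null || return 1

    inst="$GNUPGHOME/dmd-installer.exe"          # constructed sample file
    printf 'constructed installer bytes\n' > "$inst"
    gpg --batch --quiet --detach-sign --output "$inst.sig" "$inst" \
        2>/dev/null || return 1

    orig_rc=1; tampered_rc=1
    if verify_release "$inst" "$inst.sig"; then orig_rc=0; fi
    printf 'X' >> "$inst"                         # tamper with the download
    if verify_release "$inst" "$inst.sig"; then tampered_rc=0; fi

    gpgconf --kill gpg-agent 2>/dev/null || true  # clean up the agent
    rm -rf "$GNUPGHOME"
    # Success means: original verified, tampered copy rejected.
    [ "$orig_rc" -eq 0 ] && [ "$tampered_rc" -eq 1 ]
}
```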

wilzbach commented 8 years ago

Comment author: @wilzbach

This has been reported quite often in the NG too:

https://forum.dlang.org/thread/rsxkofggmjveairlheka@forum.dlang.org

Code signing has been suggested as a possible solution:

https://forum.dlang.org/thread/akxxnjatohebpmhbeqip@forum.dlang.org

wilzbach commented 8 years ago

Comment author: Jonathas <jdcbranco@gmail.com>

Created attachment 1610: After installing it

I disabled Windows Defender and installed it; now the antivirus kicks in again, complaining about one of the files that the installer deployed, nsis6-ddemangle.exe. Looks like one of the dependencies is infected. My antivirus is trying to remove that file.

Attached file: screenshot2.png (image/png, 136079 bytes) Description: After installing it

wilzbach commented 8 years ago

Comment author: Basile B. <b2.temp@gmx.com>

(In reply to Jonathas from comment BZ#3)

Created attachment 1610 [details]: After installing it

I disabled Windows Defender and installed it; now the antivirus kicks in again, complaining about one of the files that the installer deployed, nsis6-ddemangle.exe. Looks like one of the dependencies is infected. My antivirus is trying to remove that file.

While waiting for a new setup, you can do this instead: remove any previous garbage and download the 7z archive. To complete the setup:

wilzbach commented 8 years ago

Comment author: anonymous4 <dfj1esp02@sneakemail.com>

I uploaded the file at https://www.microsoft.com/en-us/security/portal/submission/submit.aspx for an online scan with Microsoft's antivirus, and it says that the file is not detected.

wilzbach commented 7 years ago

Comment author: Martin Nowak <code@dawg.eu>

(In reply to Sobirari Muhomori from comment BZ#5)

I uploaded the file at https://www.microsoft.com/en-us/security/portal/submission/submit.aspx for an online scan with Microsoft's antivirus, and it says that the file is not detected.

How did you manage to upload the installer exe, which is bigger than 10 MB?

wilzbach commented 7 years ago

Comment author: anonymous4 <dfj1esp02@sneakemail.com>

I uploaded only ddemangle.exe.

wilzbach commented 7 years ago

Comment author: anonymous4 <dfj1esp02@sneakemail.com>

About signing: http://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html

Several times AV software blocked Firefox updates.

But Firefox components are all signed.

wilzbach commented 7 years ago

Comment author: Vladimir Panteleev <dlang-bugzilla@thecybershadow.net>

Is this still a problem?

Generally, false positives need to be reported to the antivirus vendor. Reports from end-users are more effective than reports from the software's authors, so generally (aside from code signing, possibly), there is nothing that could be done from D's side.

I'll close this for now as the bug is close to being a year old; please reopen if this false positive (Win32/Ipac.B!cl) still affects current releases of DMD.