visuald icon indicating copy to clipboard operation
visuald copied to clipboard
verified publisher icon dlang

"the file contains a virus or potentially unwanted software"

Open TurkeyMan opened this issue 8 months ago • 7 comments

Has anyone seen this before?

1>------ Build started: Project: myproject, Configuration: UnitTest x64 ------
1>Compiling appliance.d ...
1>TRACKER : error TRK0002: Failed to execute command: ""C:\Program Files (x86)\VisualD\msbuild\pipelink.exe" /ERRORREPORT:PROMPT @C:\Users\Manu\AppData\Local\Temp\MSBuildTemp\tmpe8808196763c44ea9985257e14b38e3d.rsp". Operation did not complete successfully because the file contains a virus or potentially unwanted software.

Literally one second I'm working normally, and then a moment later, pressing build starts emitting this message. Seems pretty odd... did MS just launch an update like right then?

TurkeyMan avatar Apr 19 '25 08:04 TurkeyMan

Not seen yet, but let's see what happens after the next Windows update. This program is not even built with the Digital Mars toolchain, but against the VC libraries ;) It is used to demangle symbols in linker errors, you can disable that with the respective option on the "Visual D Settings" page.

rainers avatar Apr 19 '25 09:04 rainers

Image

TurkeyMan avatar Apr 19 '25 10:04 TurkeyMan

So yeah, the windows virus protection config software showed this, which shows the right time and date... apparently MS just quietly deployed an update while I was actively using my computer.

TurkeyMan avatar Apr 19 '25 10:04 TurkeyMan

Image

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3AWin32%2FWacatac.B!ml&threatid=2147735505

Image

Cool story >_<

TurkeyMan avatar Apr 19 '25 10:04 TurkeyMan

Increasingly, people are turning to less mainstream languages like D to write their viruses in. Wouldn't be surprised if lazy antivirus vendors just added druntime to the database of signatures to match. :-)

ibuclaw avatar Apr 19 '25 19:04 ibuclaw

d-foundation really needs to splash out for a certificate so we can sign all these binaries...

TurkeyMan avatar Apr 20 '25 04:04 TurkeyMan

I ran into this issue after an update today, too. I have digitally signed the executables with the expired certificate, that seems to improve things a bit (or maybe just the recompilation, but only 8 scanners complain instead of 19 on virustotal). Missing a timestamp it does not help the installer messages that might scare people away, though. Please try https://github.com/dlang/visuald/releases/tag/v1.4.1-beta1

rainers avatar Apr 20 '25 10:04 rainers