[Issue 16405] Trojan Win32/Ipac.B!cl detected on dmd-2.071.1.exe

Aug 20, 2016

Jonathas

Aug 20, 2016

Aug 20, 2016

Aug 20, 2016

Aug 21, 2016

Aug 22, 2016

Sep 19, 2016

Sep 22, 2016

Jan 31, 2017

Jul 01, 2017

Mar 21, 2020

https://issues.dlang.org/show_bug.cgi?id=16405 Jonathas <jdcbranco@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jdcbranco@gmail.com --

https://issues.dlang.org/show_bug.cgi?id=16405 Lodovico Giaretta <lodovico@giaretart.net> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lodovico@giaretart.net Severity|blocker |critical --- Comment #1 from Lodovico Giaretta <lodovico@giaretart.net> --- (In reply to Jonathas from comment #0) > Downloading the DMD compiler version 2.071.1 for Windows triggered my antivirus system. Please run scans on the offered download version of dmd. It's a false positive. It is safe. You can check Martin Novak's signature on it [1]. So the real problem is finding a way to avoid antiviruses from signalling it, as it's definitely not a virus. [1] https://dlang.org/gpg_keys.html --

https://issues.dlang.org/show_bug.cgi?id=16405 greenify <greeenify@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |greeenify@gmail.com --- Comment #2 from greenify <greeenify@gmail.com> --- This has been reported quite often in the NG too: https://forum.dlang.org/thread/rsxkofggmjveairlheka@forum.dlang.org Code signing has been suggested as a possible solution: https://forum.dlang.org/thread/akxxnjatohebpmhbeqip@forum.dlang.org --

https://issues.dlang.org/show_bug.cgi?id=16405 --- Comment #3 from Jonathas <jdcbranco@gmail.com> --- Created attachment 1610 --> https://issues.dlang.org/attachment.cgi?id=1610&action=edit After installing it I disabled Windows defender and installed, now the antivirus kicks in again complaining about one of the files that the installer deployed, nsis6-ddemangle.exe. Looks like one of the dependencies is infected. My antivirus is trying to remove that file. --

August 21, 2016

[Issue 16405] Trojan Win32/Ipac.B!cl detected on dmd-2.071.1.exe

Posted by b2.temp@gmx.com

Permalink

b2.temp@gmx.com

Permalink

https://issues.dlang.org/show_bug.cgi?id=16405

b2.temp@gmx.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |b2.temp@gmx.com

--- Comment #4 from b2.temp@gmx.com ---
(In reply to Jonathas from comment #3)
> Created attachment 1610 [details]
> After installing it
> 
> I disabled Windows defender and installed, now the antivirus kicks in again complaining about one of the files that the installer deployed, nsis6-ddemangle.exe. Looks like one of the dependencies is infected. My antivirus is trying to remove that file.

Waiting for a new setup you can do this instead: remove any previous garbages
and download the 7z archive:
To complete the setup:
- unpack the contained folder where you wished to setup.
- add the path of the sub-directory named "bin" (the one that contains dmd.exe,
ddemangle.exe, etc) to the system PATH.

--

https://issues.dlang.org/show_bug.cgi?id=16405 --- Comment #5 from Sobirari Muhomori <dfj1esp02@sneakemail.com> --- I uploaded the file at https://www.microsoft.com/en-us/security/portal/submission/submit.aspx for online scan with microsoft antivirus and it tells that the file is not detected. --

https://issues.dlang.org/show_bug.cgi?id=16405 Martin Nowak <code@dawg.eu> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |code@dawg.eu --- Comment #6 from Martin Nowak <code@dawg.eu> --- (In reply to Sobirari Muhomori from comment #5) > I uploaded the file at https://www.microsoft.com/en-us/security/portal/submission/submit.aspx for online scan with microsoft antivirus and it tells that the file is not detected. How did you manage to upload the installer exe that is bigger than 10MB? --

https://issues.dlang.org/show_bug.cgi?id=16405 --- Comment #8 from anonymous4 <dfj1esp02@sneakemail.com> --- About signing: http://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html >Several times AV software blocked Firefox updates But firefox components are all signed. --

https://issues.dlang.org/show_bug.cgi?id=16405 Vladimir Panteleev <dlang-bugzilla@thecybershadow.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |dlang-bugzilla@thecybershad | |ow.net Resolution|--- |WORKSFORME --- Comment #9 from Vladimir Panteleev <dlang-bugzilla@thecybershadow.net> --- Is this still a problem? Generally, false positives need to be reported to the antivirus vendor. Reports from end-users are more effective than reports from the software's authors, so generally (aside from code signing, possibly), there is nothing that could be done from D's side. I'll close this for now as the bug is close to being a year old; please reopen if this false positive (Win32/Ipac.B!cl) still affects current releases of DMD. --

Forums