digitalmars.D.ide - VisualD.dll flagged during VisualD 0.45.0 installation as Trojan by

ShadoLight <ettienne.gilbert gmail.com> writes:
Hi,

For other users of McAfee AV software: Note that, during the 
installation of VisualD 0.45.0, the VisualD.dll is detected as 
GenericRXBS-NK!9A26B67896F trojan by my McAfee AV (Enterprise 
v8.8 in my case).

Since I have been using VisualD (and D) for practically forever I 
am sure this is a false-positive, and caused by McAfee's 
new-fangled 'generically detected malware' algorithm!

I tried using the Quarantine Manager to 'restore' VisualD.dll, 
but this does not work since McAfee does not 'remember' 
previously restored files, and quarantine it every time VS loads 
the DLL.

Since this is a corporate PC I cannot disable McAfee, so this 
even stops me from ZIPping the damn DLL (to email to McAfee for 
analysis).

I'll have to revert to VisualD 0.45.0-rc2 for now, but it would 
be useful if someone can report this according to [1].

[1]: https://kc.mcafee.com/corporate/index?page=content&id=KB85567
Aug 03 2017
Rainer Schuetze <r.sagitario gmx.de> writes:
On 03.08.2017 14:00, ShadoLight wrote:
 Hi,
 
 For other users of McAfee AV software: Note that, during the 
 installation of VisualD 0.45.0, the VisualD.dll is detected as 
 GenericRXBS-NK!9A26B67896F trojan by my McAfee AV (Enterprise v8.8 in my 
 case).
 
 Since I have been using VisualD (and D) for practically forever I am 
 sure this is a false-positive, and caused by McAfee's new-fangled 
 'generically detected malware' algorithm!
 
 I tried using the Quarantine Manager to 'restore' VisualD.dll, but this 
 does not work since McAfee does not 'remember' previously restored 
 files, and quarantine it every time VS loads the DLL.
 
 Since this is a corporate PC I cannot disable McAfee, so this even stops 
 me from ZIPping the damn DLL (to email to McAfee for analysis).
 
 I'll have to revert to VisualD 0.45.0-rc2 for now, but it would be 
 useful if someone can report this according to [1].
 
 [1]: https://kc.mcafee.com/corporate/index?page=content&id=KB85567
 
It seems this is getting worse for dmd built executables. VirusTotal also shows the McAfee failures, and 3 other engines complain, too.

If I build Visual D against the MS-Runtime instead of the DigitalMars-Runtime, no virus is detected. Unfortunately the DLL grows from 3 MB to 9 MB, which seems to uncover a bug somewhere in the tool chain. That might not be a show stopper, though, and I wanted to switch to the COFF builds eventually anyway.

The autotester has also created the same version, maybe it passes McAfee as is: https://ci.appveyor.com/project/rainers/visuald/build/job/2g40k1pgyxg58avv/artifacts

It isn't built with the precise GC, though, so it might eat a bit more memory if you edit large files.
Aug 03 2017
jj <jj aol.com> writes:
On Thursday, 3 August 2017 at 16:58:33 UTC, Rainer Schuetze wrote:
 On 03.08.2017 14:00, ShadoLight wrote:
 [...]
 It seems this is getting worse for dmd built executables. VirusTotal also shows the McAfee failures, and 3 other engines complain, too. If I build Visual D against the MS-Runtime instead of the DigitalMars-Runtime, no virus is detected. Unfortunately the DLL grows from 3 MB to 9 MB, which seems to uncover a bug somewhere in the tool chain. That might not be a show stopper, though, and I wanted to switch to the COFF builds eventually anyway. The autotester has also created the same version, maybe it passes McAfee as is: https://ci.appveyor.com/project/rainers/visuald/build/job/2g40k1pgyxg58avv/artifacts It isn't built with the precise GC, though, so it might eat a bit more memory if you edit large files.
It still does not work with my VS 2017. After install it does not show up in the menu, it does not know D. Sorry for the bad news.
Aug 03 2017
Rainer Schuetze <r.sagitario gmx.de> writes:
On 03.08.2017 19:58, jj wrote:
 On Thursday, 3 August 2017 at 16:58:33 UTC, Rainer Schuetze wrote:
 On 03.08.2017 14:00, ShadoLight wrote:
 [...]
 It seems this is getting worse for dmd built executables. VirusTotal also shows the McAfee failures, and 3 other engines complain, too. If I build Visual D against the MS-Runtime instead of the DigitalMars-Runtime, no virus is detected. Unfortunately the DLL grows from 3 MB to 9 MB, which seems to uncover a bug somewhere in the tool chain. That might not be a show stopper, though, and I wanted to switch to the COFF builds eventually anyway. The autotester has also created the same version, maybe it passes McAfee as is: https://ci.appveyor.com/project/rainers/visuald/build/job/2g40k1pgyxg58avv/artifacts It isn't built with the precise GC, though, so it might eat a bit more memory if you edit large files.
 It still does not work with my VS 2017. After install it does not show up in the menu, it does not know D. Sorry for the bad news.
Sorry to hear that, but I didn't really expect any magic solution just from bumping the version number.

From your last posted error message, I suspect that the 3 files written by the installer at "c:\Program Files (x86)\Microsoft Visual Studio\2017\Community\Common7\IDE\Extensions\Rainer Schuetze\VisualD\0.45" exist? Maybe there are older files in parallel folders? If yes, try deleting these.

VS2017 transfers settings from these extension files into a "private registry" %AppData%\Local\Microsoft\VisualStudio\15.0_ade21380\privateregistry.bin, maybe you can make that file available for download somewhere so I can check whether entries in there look ok.

Are you using the English version of VS or some other language? Maybe there is something wrong in how Visual D handles this, but I have seen it working with German versions (though not with VS2017 yet).
Aug 04 2017
Rainer Schuetze <r.sagitario gmx.de> writes:
On 03.08.2017 14:00, ShadoLight wrote:
 Hi,
 
 For other users of McAfee AV software: Note that, during the 
 installation of VisualD 0.45.0, the VisualD.dll is detected as 
 GenericRXBS-NK!9A26B67896F trojan by my McAfee AV (Enterprise v8.8 in my 
 case).
 
 Since I have been using VisualD (and D) for practically forever I am 
 sure this is a false-positive, and caused by McAfee's new-fangled 
 'generically detected malware' algorithm!
 
 I tried using the Quarantine Manager to 'restore' VisualD.dll, but this 
 does not work since McAfee does not 'remember' previously restored 
 files, and quarantine it every time VS loads the DLL.
 
 Since this is a corporate PC I cannot disable McAfee, so this even stops 
 me from ZIPping the damn DLL (to email to McAfee for analysis).
 
 I'll have to revert to VisualD 0.45.0-rc2 for now, but it would be 
 useful if someone can report this according to [1].
 
 [1]: https://kc.mcafee.com/corporate/index?page=content&id=KB85567
 
This seems to pass most anti-virus programs on virustotal: https://github.com/dlang/visuald/releases/tag/v0.45.1-rc1
Aug 06 2017
ShadoLight <ettienne.gilbert gmail.com> writes:
On Sunday, 6 August 2017 at 12:03:37 UTC, Rainer Schuetze wrote:
 On 03.08.2017 14:00, ShadoLight wrote:
 [...]
 This seems to pass most anti-virus programs on virustotal: https://github.com/dlang/visuald/releases/tag/v0.45.1-rc1
Thanks Rainer, very much appreciated!
Aug 07 2017
Ozan (O/N/S) <ozan.sueel gmail.com> writes:
On Thursday, 3 August 2017 at 12:00:39 UTC, ShadoLight wrote:
 Hi,

 For other users of McAfee AV software: Note that, during the 
 installation of VisualD 0.45.0, the VisualD.dll is detected as 
 GenericRXBS-NK!9A26B67896F trojan by my McAfee AV (Enterprise 
 v8.8 in my case).
Hi,

Are you sure that it is only a VisualD problem? I got a similar message from McAfee using the current DMD with Dub.

Regards,
Ozan
Aug 23 2017
Jolly James <j.j jmail.com> writes:
On Wednesday, 23 August 2017 at 13:31:37 UTC, Ozan (O/N/S) wrote:
 On Thursday, 3 August 2017 at 12:00:39 UTC, ShadoLight wrote:
 Hi,

 For other users of McAfee AV software: Note that, during the 
 installation of VisualD 0.45.0, the VisualD.dll is detected as 
 GenericRXBS-NK!9A26B67896F trojan by my McAfee AV (Enterprise 
 v8.8 in my case).
 Hi, are you sure that it is only a VisualD problem? I got a similar message from McAfee using the current DMD with Dub. Regards, Ozan
This is a general problem and will possibly happen with all AV software. And many of them that use heuristics will flag any port-opening D program (e.g. DCD) as "Generic.XYZ". Please remember, "Generic" means your AV tool has no idea what it actually is, but it looks very suspicious.
Aug 25 2017