← Back to index | Original Bugzilla link

Bug 20325 – Windows Defender detects msbuild\pipelink.exe as a trojan virus

Status: RESOLVED
Resolution: FIXED
Severity: minor
Priority: P1
Component: visuald
Product: D
Version: D2
Platform: x86
OS: Windows
Creation time: 2019-10-26T19:49:37Z
Last change time: 2019-11-17T17:42:44Z
Assigned to: No Owner
Creator: Andrej Petrovic

Comments

Comment #0 by 9andrej6 — 2019-10-26T19:49:37Z

I just had Windows Defender report a malicious program: C:\Program Files (x86)\VisualD\msbuild\pipelink.exe In the "detected item" column, it says "Trojan:Win32/Fuerboos.E!cl" The version of Visual D is 0.50.1, and Windows Defender updated its virus definitions at 14:30 UTC today, October 26th. I assume this is a false positive?

Comment #1 by r.sagitario — 2019-10-29T07:42:04Z

Digitally signing the file seems to convince most AV programs that it is harmless. A preliminary build is here: https://gist.github.com/rainers/6cdf73b48837defb9f88/raw/72489c399e1c0e889a13e6efb1015957e65a5405/pipelink.exe

Comment #2 by tim.seguine — 2019-11-01T11:14:41Z

I reported the false positive to Microsoft and they removed it, but this will likely continue to happen.

Comment #3 by r.sagitario — 2019-11-01T12:07:39Z

(In reply to Timothy Seguine from comment #2) > I reported the false positive to Microsoft and they removed it, but this > will likely continue to happen. Cool, thanks. The next release will have this file signed, too, so it is less likely to happen again.

Comment #4 by r.sagitario — 2019-11-17T17:42:44Z

https://github.com/dlang/visuald/releases/tag/v0.51.0-beta1 contains a signed version of pipelink.exe