Hi Brian,
Thank you very much for signing up to support the Excel-DNA project on GitHub Sponsors!
Which runtime are you targeting with the add-in: .NET Framework or .NET 6?
That makes a difference to how the ExcelDna.ManagedHost.dll is loaded.
I think the .NET 6 approach is more fragile, because an anti-virus or similar might block the file when it is written, or delete it before it can be loaded used.
You might also check whether you can update the .NET installation – I guess something can go wrong there as well.
There is now an option with Excel-DNA v 1.6.0 to make a completely ‘unpacked’ add-in, where all the assemblies are external to the .xll file.
For this you add a property to the project file:
<ExcelDnaUnpack>true</ExcelDnaUnpack>
The result will be a version of the add-in in the publish directory where everything (including the Excel-DNA support assemblies like ExcelDna.ManagedHost.dll) is unpacked.
You can test on your problem computer with the files in this directory – it eliminates both the in-memory extraction of the resource, and the file copy to a temp directory.
So you should find that any anti-virus problem is already shown when you copy the files to a local directory.
The only other thought is to look in the Windows event logs for anything suspicious around the time you are trying to load the add-in.
--
You received this message because you are subscribed to the Google Groups "Excel-DNA" group.
To unsubscribe from this group and stop receiving emails from it, send an email to exceldna+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/exceldna/9b3d02ca-5cb3-4418-bfdc-7fdf4078c95cn%40googlegroups.com.
Hi Brian,
I suggest you report the false positive to ESET.
As I recall they are particularly helpful and responsive.
-Govert
To view this discussion on the web visit https://groups.google.com/d/msgid/exceldna/8493d904-2e56-4ddb-9ef3-758bfb0bbd1an%40googlegroups.com.
Hi Brian,
That’s a very useful response – thank you very much.
They are correct that for v1.6 I’ve added an encoding to the packed assembly files to avoid some of the trouble, and that might make it harder for ESET to scan the internal assemblies in an add-in. There was a user contribution to add an option to leave the embedded assemblies uncompressed, but the implementation of my encoding clashes, so there is no option to make a completely transparent packed .xll, where the internal assemblies can then be scanned. We will add such an option for a point release – I think it will be a useful option, though I’ll probably not make it the default for now.
The unpacked ExcelDna.ManagedHost.dll file is itself not obfuscated or encoded, so you are right that detecting this individual file might give the wrong impression. But it might just be that this is the mechanism NOD32 uses to block the add-in / all add-ins using the Excel-DNA version from loading.
There response here is the most helpful I’ve seen from a security vendor. I’m happy to help then work towards a safe option. For now my best plan is to implement the ‘transparent and uncompressed packing’ option in addition to the existing ‘ExcelDnaUnpack’ option where there are no assemblies packed or encoded in any way. You can track the ‘transparent and uncompressed packing’ option with this issue: Change `ExcelDnaPackCompressResources: false` to also remove encoding and not compress all assemblies · Issue #513 · Excel-DNA/ExcelDna (github.com)
To view this discussion on the web visit https://groups.google.com/d/msgid/exceldna/499cdc72-e0af-4e12-8c26-7db6e47f8d99n%40googlegroups.com.
Hi Brian,
Maybe you can ask them about this version.
I’m happy to cooperate and make other changes they might suggest to you.
To view this discussion on the web visit https://groups.google.com/d/msgid/exceldna/7188a842-1c1c-409d-b039-36c52b9c4bfbn%40googlegroups.com.
It sometimes takes a few hours – I suspect it also triggers some checking there.
To view this discussion on the web visit https://groups.google.com/d/msgid/exceldna/575441ff-3e56-45ac-8fbe-97de19388268n%40googlegroups.com.
Hi Brian,
Yes, we have removed both the encoding and the compression from the packed resource, to try to appease our anti-virus friends – that means the resources contain completely transparent Win32 binaries.
I think the line you you’ve commented out is the only place that is changed to disable the compression: Disabled compression. · Excel-DNA/ExcelDna@3df654c (github.com)
You would have to rebuild the whole solution and then build the packages to get a build task that has the compression enabled again when rebuilding your own project.
The managed resolver is only used if you:
I’ll make an update to the source to remove the commented out encoding methods as ESET suggests, and publish an updated version soon.
To view this discussion on the web visit https://groups.google.com/d/msgid/exceldna/8f49c7e4-df88-4744-abbe-e7e5da2c00c3n%40googlegroups.com.
Hi Brian,
I’m glad we are able to make ESET happy at last.
It seemed like a good idea to make a version where the packing is completely transparent – no compression or encoding – to keep any anti-virus that wants to look inside happy. Does the compression make a big difference in your life? How big are the uncompressed vs. compressed packed files?
Technically it would not be difficult to add the compression back, or even make it an option as you say. We just have to weigh the benefit of slightly smaller file vs. having another configuration option.
To view this discussion on the web visit https://groups.google.com/d/msgid/exceldna/9aa80655-68f8-4e94-bd1b-2f8ae4ff06dfn%40googlegroups.com.
On Nov 8, 2022, at 8:37 AM, Govert van Drimmelen <govert.va...@gmail.com> wrote:
You received this message because you are subscribed to a topic in the Google Groups "Excel-DNA" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/exceldna/Tz2IHKIEziM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to exceldna+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/exceldna/000801d8f377%243715e830%24a541b890%24%40gmail.com.
Hi Brian,
With the newest version, you can set a project property to disable the compression:
<ExcelDnaPackCompressResources>false</ExcelDnaPackCompressResources>
That should let you run the current version, and still get the earlier behaviour.
To view this discussion on the web visit https://groups.google.com/d/msgid/exceldna/25445288-13df-4abf-90d5-3f740f1bced4n%40googlegroups.com.