[question] VIRUS DETECTION on Asset conan-2.4.1-windows-x86_64.zip

[Weruminger]

What is your question?

Access Denied

Virus detected

You are not permitted to download the file "conan-2.4.1-windows-x86_64.zip" because it is infected with the virus "W32/PossibleThreat".

For assistance, contact your network support team.

Category | Information Technology -- | -- URL | https://objects.githubusercontent.com/github-production-release-asset-2e65be/47190624/8f758dcd-5367-428f-a575-5409432e447a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction/20240620/us-east-1/s3/aws4_request&X-Amz-Date=20240620T065746Z&X-Amz-Expires=300&X-Amz-Signature=f9d5ea1858a08ae0c978d0e5faa2681b9ff5b68d4c0e6353be8403645c0885ac&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=47190624&response-content-disposition=attachment%3B%20filename%3Dconan-2.4.1-windows-x86_64.zip&response-content-type=application/octet-stream

prior versions havn't been affected

Have you read the CONTRIBUTING guide?

• [ ] I've read the CONTRIBUTING guide

[memsharded]

Hi @Weruminger

Thanks for reporting.

This seems a known issue. The conan.exe self-contained executable inside the folder is created with pyinstaller, a tool that bundles the app with the Python interpreter. This tool creates binaries with some signature inside.

This pyinstaller tool has been used in the past to create some malicious applications, so some antivirus mark all created applications with pyinstaller as malicious.

We will investigate this again just in case, there will be some other options:

• You can install from PyPI (the most common approach) with pip install conan
• Creating the self contained executable from source yourself is straightforward, you can run the python pyinstaller.py script in the root of the repo, and it will create that executable

[czoido]

Hi @Weruminger,

Thanks a lot for reporting. I have been checking and I think that could be due to heuristic analysis by antivirus software, which might identify certain patterns in the file as suspicious even if the file is actually safe.

The only file that changes in checksum, for example, between 2.4.0 and 2.4.1 in the zip would be conan.exe (which is expected) although they get very different reports in virustotal:

2.4.1: https://www.virustotal.com/gui/file/3f2bbe5e28aadf60a62b6d1cd048d2784a4b5c56a03fcacb611e7ff0c5edcca5 2.4.0: https://www.virustotal.com/gui/file/9ff576a9c8e205b8a3f5934bb5d50d1d962167f63757a0f8ee35b8741938b444

I also re-generated the zip file for 2.4.1 in the CI and got other different results, so I think the issue could be caused by some kind of algorithm that tries to predict potential issues.

[Weruminger]

Thx You all I was only astonished, because it was the fist version I've got this finding. so I'll 1st upgrade to 2.2.40 (from 2.0.17) and if everything is fine (normally i can expect this ... because you make a great Job in Conan 2 development ... 🥇 ) I'll create the executable and zip file by my self.

so from my perspective, the issue can be closed.

[czoido]

Thx You all I was only astonished, because it was the fist version I've got this finding. so I'll 1st upgrade to 2.2.40 (from 2.0.17) and if everything is fine (normally i can expect this ... because you make a great Job in Conan 2 development ... 🥇 ) I'll create the executable and zip file by my self.

so from my perspective, the issue can be closed.

Thank you so much for reporting and you kind words, closing this issue then.