doug-101
commented
2 years ago These trojan warnings are almost always false positives. The python libraries and the tools that create the executables and installers tend to leave a specific signature, regardless of what the python code actually does. When an actual trojan is written using same tools, some antivirus software flags all applications that have a similar signature. I'm not sure about virustotal, but most antivirus companies allow you to submit software for a closer look, so they will remove the false positive.
Just to be safe, I checked several things:
- The checksum of the files at GitHub matches the checksum of the files I built 1.5 years ago.
- The checksums also match on a repeated ConvertAll build done today.
- The same source code is used to create both installers as well as the Linux source.
- The same python libraries and executable creation tools for all ConvertAll builds as well as several other projects.
- I've received no other complaints, even after thousands of downloads.
Thanks, Doug
Doug,
I sent you an email about this issue but wanted to flag it on GH as an issue as well:
Doug,
I have a client that utilizes ConvertAll in his daily workflow, and has encountered difficulties recently due to Webroot Secure Anywhere antivirus software quarantining the C:\Program Files\ConvertAll\CONVERTALL.exe due to a detected Trojan.
I've run both the all users and single user installers through https://www.virustotal.com/ and it appears the all users installer does indeed contain a trojan. The single user installer does not.
Just wanted to send over a heads up as your web host file repository may have been compromised.