getodk / xlsform-offline

ODK XLSForm Offline is a Python application for converting an XLSForm into an XForm that is valid and compliant with the ODK XForms specification. Contribute and make the world a better place! ✨🌍✨

Trojan.MBT,gen detected by AV software #14

Open danieljeannetot opened 6 years ago

danieljeannetot commented 6 years ago

Hi,

As the online version of the XLSForm from ODK was returning a gateway error, I tried to use XLSForm Offline.

My antivirus (Symantec Endpoint Protection) instantly detects the .exe as malware. No possibility to override it (organisation-wide).

Just wanted to bring this to your attention.

yanokwa commented 6 years ago

Thanks so much for reporting this issue, @cyannuremagik! Any chance I could get you to share a screenshot of the error? Could you talk with your IT team to see if they could whitelist the app?

yanokwa commented 6 years ago

Here's what I've learned in my initial investigation.

Py2exe and pyinstaller both bundle a precompiled bootloader program, which I believe is responsible for actually launching the interpreter. Because this same bootloader is included in actual malware packaged with py2exe, you get a signature match and a false positive.

https://www.reddit.com/r/Python/comments/7t8306/i_used_py2exenet_and_got_a_windows_warning_for/dtb0zww/

Users can help by:

  1. Letting BitDefender know about this false positive.
  2. Trying other antiviruses at https://www.virustotal.com to confirm that the application is virus free.
  3. Using XLSForm Online at http://opendatakit.org/xlsform instead

Devs can help by:

  1. Building our own bootloader. https://pythonhosted.org/PyInstaller/bootloader-building.html
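
Added example, not part of the thread above and not the project's code: a small triage helper for whoever files the false-positive report. It records the file's SHA-256 and checks whether the binary carries PyInstaller's archive cookie, which supports (but does not prove) the shared-bootloader explanation. The names `triage`, `is_pe` and `constructed_sample` are hypothetical, py2exe bundles are not covered, and the built-in sample is constructed.

```python
import hashlib
import struct
import sys

# Magic that PyInstaller writes at the start of the CArchive "cookie" appended
# to its bootloader. Finding it means "built with PyInstaller", nothing more:
# it says nothing about whether the bundled code is safe.
COOKIE_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"
# Leading cookie fields, big-endian: magic, archive length, TOC offset,
# TOC length, Python version (e.g. 37 for 3.7).
COOKIE_HEAD = struct.Struct("!8sIIii")


def is_pe(data: bytes) -> bool:
    """True if data has an MZ header whose e_lfanew points at a PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    return data[pe_off:pe_off + 4] == b"PE\x00\x00"


def triage(data: bytes) -> dict:
    """Collect facts to attach to a false-positive report for one file."""
    facts = {"sha256": hashlib.sha256(data).hexdigest(), "size": len(data),
             "is_pe": is_pe(data), "pyinstaller": False, "python_version": None}
    pos = data.rfind(COOKIE_MAGIC)  # the cookie sits near the end of the file
    if pos >= 0 and pos + COOKIE_HEAD.size <= len(data):
        _, _, _, _, pyvers = COOKIE_HEAD.unpack_from(data, pos)
        facts.update(pyinstaller=True, python_version=pyvers)
    return facts


def constructed_sample() -> bytes:
    """Constructed stand-in for a frozen .exe: minimal PE stub plus a cookie."""
    stub = bytearray(0x40)
    stub[:2] = b"MZ"
    struct.pack_into("<I", stub, 0x3C, 0x40)  # e_lfanew -> offset 0x40
    cookie = COOKIE_HEAD.pack(COOKIE_MAGIC, 64, 0, 0, 37)
    cookie += b"python37.dll".ljust(64, b"\x00")  # library name field
    return bytes(stub) + b"PE\x00\x00" + b"\x00" * 32 + cookie


if __name__ == "__main__":
    # Pass the path of the flagged file; with no argument the sample is used.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else constructed_sample()
    for key, value in triage(blob).items():
        print(f"{key}: {value}")
```

The SHA-256 is the value to quote to the antivirus vendor and to compare against the hash of the official release download.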

yanokwa commented 6 years ago

I've written up documentation at https://github.com/opendatakit/docs/pull/780 to explain this issue as a short-term fix.

@cyannuremagik are you willing to try a test build that might fix this issue?