Trojan.MBT,gen detected by AV software

[danieljeannetot]

Hi,

As the online version of the XLSForm from odk was returning gateway error.
I tried to use XLSForm Offline.

My antivirus (Symantec Endpoint protection) instantly detects the .exe as a malware.
No possibility to override it (organisation-wide)

Just wanted to bring this up to your attention.

[yanokwa]

Thanks so much for reporting this issue, @cyannuremagik! Any chance I could get you to share a screenshot of the error? Could you talk with your IT team to see if they could whitelist the app?

[yanokwa]

Here's what I've learned in my initial investigation.

Py2exe and pyinstaller both bundle a precompiled bootloader program, which I believe is responsible for actually launching the interpreter. Because this same bootloader is included in actual malware packaged with py2exe you get a signature match and a false positive.

https://www.reddit.com/r/Python/comments/7t8306/i_used_py2exenet_and_got_a_windows_warning_for/dtb0zww/

Users can help by:

1. Letting BitDefender know about this false positive.
2. Trying other antiviruses at https://www.virustotal.com to confirm that
   the application is virus free
3. Using XLSForm Online at http://opendatakit.org/xlsform instead

Devs can help by:

1. Building our own bootloader. https://pythonhosted.org/PyInstaller/bootloader-building.html

[yanokwa]

I've written up documentation at getodk/docs#780 to explain this issue as a short-term fix.

@cyannuremagik are you willing to try a test build that might fix this issue?