Quote:
Originally Posted by chiark
Just tried to download this, and your file is being flagged as a trojan by Windows SmartScreen - it matches the signature of Trojan:Win32/Wacatac.B!ml within amigaxfer/amigaxfer.exe.
I've just run amigaxfer.exe through virustotal.com and EVERY engine is flagging it as malicious.
https://www.virustotal.com/gui/file/...1748/detection
Any ideas what's going on? |
Notice it's far from every engine and that they each detect different things. At some point in time, somebody must have written malicious code using the python language, then packaged it into an executable with pyinstaller, which is the most popular open source tool for turning python into binaries. So now a common code pattern in pyinstaller-made executables is detected by some antiviruses.
Unfortunately, this is a common occurrence, and there's not much that can realistically be done, besides telling AV vendors it's a false positive and hope their databases will improve over time.
Refer to
https://github.com/pyinstaller/pyinstaller/issues/4633
I do my development work on Linux, and the binaries were built in a clean Win7 vm with no inbound network connectivity, installed from a microsoft ISO for the single purpose of building amigaXfer binaries that work on win7 32bit and higher. This should be a fairly decent standard as far as making binary releases goes.
Ultimately, you do not need to trust the binaries; You can install python, pyserial, wxpython and run amigaXfer
from sources. You'll also need the m68k object files, you can copy over from the windows release 'asm' directory, or build yourself from the source with vasm or phxass. A vasm-based Makefile is provided. You can package your own binaries with pyinstaller, too, using the .spec file included in the sources.