Company admin refuses pyrevit says it contains malware (?!?)

Tools
1

“Dear Mr. Monero, Thank you for your request. We have reviewed the reasons of the automatic block action by AdminByRequest, and it’s due to the file containing a Trojan (Trojan/Malware!2pCjDQTN). This can be related to not using trusted downloading sources. In this case it’s a OpenSource software with no guarantee, nor support. It’s strongly discouraged to avoid downloading software from non-validated sources. If this software is so business important, we would encourage you to contact the Product Owner of Autodesk/AutoCAD to consider this demand and source adequate software packages to accomplish the required tasks.”

Now, I have used pyrevit for years, but I cannot in my new computer, and this is slowing a lot my work :frowning:

What is this Trojan he is talking about?

2

Hi Pmonero,
about which files are they talking exactly?

However, they can fork the repo make adjustments they don’t like and create a “safe” installer by themself

Best,
Thommy

2 Likes
3

5.0.0.25034 admin signed installer was the file

I wish our team could do the adjustments but it is hard even to ask auth for installing anything :frowning:

4

Thats… concerning.

Can they provide further information on the nature of the file and how it was detected? E.g. is it bundled in with the dll or in a particular location of the installed files.

Sometimes some AV software sees files as malware that may not actually be true malware.

5

The reference to the said Trojan is nowhere to be found on the internet…

#sarcasm
We tend to spend our free time fixing tools and making new ones. We have no time to spend in the malware development business.

Can you get you IT to take a look at 5.0.1?

1 Like
6

:rofl: Considering our demands? What planet do they live on?! If Autodesk did that, pyRevit wouldn’t even exist!

7

The world needs an open source BIM software for Linux.

1 Like
8

I took them by exhaustion and escalated until they gave me full access, so at least I myself am set :slight_smile:

next fight will be convincing to deploy it for my modelers

thank you for your precious work

1 Like
9

BlenderBIM (now Bonsai)

1 Like
10

My main reason for liking this is “Thommy”. As a Thomas I appreciate this :smile:

I also agree in this as an option, as we utilize this approach on our variations as well.

11

…somewhat related. Our IT imposed another security protocol over the weekend. We walked in and all 2023 projects on the cloud failed. This protocol is in ADSK 2024 and 2025, but not 2023.
Our only option is to upgrade everything to 2024 or beyond. Now we have a 2023 casino in construction with released drawings and we have to upgrade the project. A lot of data. A lot of files. And we have to ensure 100% drawing fidelity. That’s going to be massive man hours.

1 Like
12

some of those hours could be invested throwing the IT out of the window

3 Likes
13

Far out what ever happened to canary testing.

This seems to be more and more common with ‘IT’ departments these days. Only a matter of time before they cause even bigger issues.

I’m on team defenestration as well.

1 Like
14

Dude… that’s crazy. I would be protesting. Hope your models don’t break during upgrade!

15

Just to clarify the issue (from what I know):

  • Antivirus/anti-threat programs using heuristic can sometimes report false positives, and most of them don’t tollerate dlls and exe files without the signature; Windows Defender Smart Screen will complain about and block unsigned programs;
  • signing the files is not free, and most of the small, open-source programs cannot afford to sign their releases
  • until pyRevit 4.x, all the dlls and executables (installer included) have been signed using a certificate that Ehsan bought a while ago, but unfortunately we’re past its expiration date.
  • @Jean-Marc did the tremendous job of finding the right solution to keep signing the files without having to sell a kidney :rofl:
  • unfortunately, the pipeline for the 5.0.0 release wasn’t set up correctly, so the installer was signed, but the dlls in it were not. That’s why AdminByRequest treated pyrevit as a threat
  • This was fixed by the release of pyRevit 5.0.1, so you can safely use this version in your corporate environment (then use pyrevit to run python to send a real trojan to your IT :sweat_smile:)

BTW: I won’t trust a security company that sponsors the slowest F1 team of the last year :rofl:

3 Likes