I have an application I wrote for my company in Python 2.x, PyQt4, and MySQLdb and packaged with py2exe.
Recently, I made some updates to the application, porting it to Python 3.4 and PySide. I also removed the MySQLdb dependencies and added Requests. I packaged this with the newly-minted py2exe for Python 3.
Suddenly I'm getting flagged by Windows Defender that my executable is malware. Here's the log entry:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Zwangi&threatid=144384
Name:BrowserModifier:Win32/Zwangi
ID:144384
Severity:High
Category:Browser Modifier
Path Found:file:C:\Users\alan.moore\Desktop\ticketuserclient3-beta1\ticketuserclient3\Contact tech support.exe
Detection Type:Concrete
Detection Source:Downloads and attachments
Status:Unknown
User:WILLIAMSON-TN\alan.moore
Process Name:C:\Windows\Explorer.EXE
So my questions are:
Thanks for any help.
UPDATE: Apparently anything I compile with py2exe under python3.4 gets identified like this.
I tried with this script:
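import sys
import platform

# Print the platform identifier and the fields returned by platform.uname()
print(sys.platform)
print("".join(platform.uname()))  # uname is a function and must be called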
And this setup.py
from distutils.core import setup
import os
import py2exe

setup(
    windows=[{"script": "test.py", "dest_base": "Contact tech support"}],
    options={
        "py2exe": {
            "compressed": 1,
            "optimize": 2,
            "bundle_files": 3
        }
    },
    zipfile=None
)
It's flagged as malware. (Win32/Zwangi).
Is py2exe safe to use? The Python package py2exe was scanned for known vulnerabilities and a missing license, and no issues were found. Thus the package was deemed safe to use.
Automatic Scans: Like other anti-malware applications, Windows Defender automatically runs in the background, scanning files when they are accessed and before the user opens them. When malware is detected, Windows Defender informs you. It won't ask you what you want to do with the malicious software it finds.
Microsoft Defender Antivirus is a built-in malware scanner for Microsoft Windows 10. As part of the Windows Security suite, it will search for any files or programs on your computer that can cause harm to it. Defender looks for software threats like viruses and other malware across email, apps, the cloud, and the web.
I used Microsoft's "Submit a sample" page to report https://pypi.python.org/packages/3.4/p/py2exe/py2exe-0.9.2.0-py33.py34-none-any.whl as a false positive on June 20, 2014. As of June 23, 2014 it was no longer detected as BrowserModifier:Win32/Zwangi or anything else.
Even the py2exe executable itself is being flagged as malware. It was discussed in http://www.reddit.com/r/Python/comments/26g157/py2exe_now_available_for_python_33/ - the latest VirusTotal scan shows 9/51 scanners finding malware in it.
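For triaging a suspected false positive like the one in this thread, the following is an added example (not code from any of the posts) that parses Defender entries in the "Key:Value" layout shown in the question and reports threat IDs that hit more than one distinct executable. The sample entries, paths and function names are constructed for illustration; the Type:Platform/Family split follows Microsoft's threat naming scheme.

```python
import re
from collections import defaultdict

# Constructed sample: two entries in the "Key:Value" layout of the log above.
# The paths and the second entry are invented for illustration.
SAMPLE_LOG = r"""Name:BrowserModifier:Win32/Zwangi
ID:144384
Severity:High
Path Found:file:C:\build\dist\Contact tech support.exe
Detection Source:Downloads and attachments

Name:BrowserModifier:Win32/Zwangi
ID:144384
Severity:High
Path Found:file:C:\build\dist\hello.exe
Detection Source:Downloads and attachments
"""

# Microsoft threat names: Type:Platform/Family, optionally .Variant or !suffix.
THREAT_RE = re.compile(r"^(?P<type>[^:]+):(?P<platform>[^/]+)/(?P<family>[^.!]+)")

def parse_entries(text):
    """Split a log dump on blank lines and parse each entry into a dict."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            # Split on the FIRST colon only: values such as the threat name
            # and "file:C:\..." contain colons themselves.
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        match = THREAT_RE.match(fields.get("Name", ""))
        if match:
            fields.update(match.groupdict())
        path = fields.get("Path Found", "")
        fields["path"] = path[5:] if path.startswith("file:") else path
        entries.append(fields)
    return entries

def shared_signatures(entries):
    """Map threat ID -> sorted flagged paths, for IDs hitting more than one file."""
    hits = defaultdict(set)
    for entry in entries:
        hits[entry.get("ID")].add(entry["path"])
    return {tid: sorted(paths) for tid, paths in hits.items() if len(paths) > 1}
```

One threat ID reported for several unrelated builds is a heuristic sign that the match is on what the builds share rather than on any one script, which is the pattern the question's update describes.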