Closed cguo2013 closed 3 years ago
It's a false positive. For some reason, antiviruses don't like how Windows.exe is a self-extractor (it extracts itself into a directory and then runs the actual script) and they mark many pyinstaller executable as malware. If you're worried about the detection, the Windows.zip download should not be reported as anything, but you say it does, so I need more info on which exact file was marked as a false positive.
zip archive is also being marked as virus. Windows 10 will not allow me to download either.
Just don't use it, if you really think it's a virus.
I confirm this is NOT a false positive. Please check your source code and compiling environments, it is dangerous. pcrisk.com/removal-guides/14989-win32zpevdo-trojan
And how are you confirming it? Have you reverse-engineered the app? False positives can be detected as any malware strain. I know it's a false positive because this app makes 0 attempt to touch Windows Firewall (it doesn't even download anything, everything's self contained). It's only being reported as a false positive because some anti-virus developers decided to mark files that are crucial for every packaged Python app to run as a virus, instead of doing more research to actually determine if Windows Firewall settings are being modified or not.
If you really care about the detection that much, install Python, install the dependencies, and run the app from source yourself.
Trojan was detected while download windows verion exe and zip file, please be serious checking this problem and see if your IDE/Complier has been infected already!
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3aWin32%2fZpevdo.B&threatid=2147729093