Py2Exe 应用程序被 Windows Defender 标记为恶意软件；该怎么办? [英] Py2Exe application flagged as malware by Windows Defender; what to do?

问题描述

我用 Python 2.x、PyQT4 和 MySQLdb 为我的公司编写了一个应用程序，并用 py2exe 打包.

I have an application I wrote for my company in Python 2.x, PyQT4, and MySQLdb and packaged with py2exe.

最近，我对该应用程序进行了一些更新，将其移植到 Python 3.4 和 PySide.我还删除了 MySQLdb 依赖项并添加了请求.我将它与用于 Python 3 的新生成的 py2exe 打包在一起.

Recently, I made some updates to the application, Porting it to Python 3.4 and PySide. I also removed the MySQLdb dependencies and added Requests. I packaged this with the newly-minted py2exe for Python 3.

我突然被 Windows 防御者标记为我的可执行文件是恶意软件.这是日志条目:

Suddenly I'm getting flagged by Windows defender that my executable is malware. Here's the log entry:

Windows Defender has detected spyware or other potentially unwanted software.
 For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Zwangi&threatid=144384
Name:BrowserModifier:Win32/Zwangi
ID:144384
Severity:High
Category:Browser Modifier
Path Found:file:C:\Users\alan.moore\Desktop\ticketuserclient3-beta1\ticketuserclient3\Contact tech support.exe
Detection Type:Concrete
Detection Source:Downloads and attachments
Status:Unknown
User:WILLIAMSON-TN\alan.moore
Process Name:C:\Windows\Explorer.EXE

所以我的问题是:

• 为什么我被标记为恶意软件?如何确定确切原因?
• 除了在需要部署到的所有 600 多个工作站上允许"此操作外，我还能做些什么?
• 检测类型:具体"是什么意思?

感谢您的帮助.

更新:显然我在 python3.4 下用 py2exe 编译的任何东西都会被识别成这样.

UPDATE: Apparently anything I compile with py2exe under python3.4 gets identified like this.

我试过这个脚本:

import sys
import platform

print (sys.platform)
print ("".join(platform.uname))

还有这个 setup.py

And this setup.py

from distutils.core import setup
import os
import py2exe

setup(
    windows=[{"script":"test.py", "dest_base":"Contact tech support"},],
    options= {
        "py2exe" : {
            "compressed":1,
            "optimize":2,
            "bundle_files":3
            }
        },
        zipfile = None
)

它被标记为恶意软件.(Win32/Zwangi).

It's flagged as malware. (Win32/Zwangi).

推荐答案

我使用了 Microsoft 的提交示例"页面 报告 https://pypi.python.org/packages/3.4/p/py2exe/py2exe-0.9.2.0-py33.py34-none-any.whl作为 2014 年 6 月 20 日的误报.截至 2014 年 6 月 23 日，它不再被检测为 BrowserModifier:Win32/Zwangi 或其他任何内容.

I used Microsoft's "Submit a sample" page to report https://pypi.python.org/packages/3.4/p/py2exe/py2exe-0.9.2.0-py33.py34-none-any.whl as a false positive on June 20, 2014. As of June 23, 2014 it was no longer detected as BrowserModifier:Win32/Zwangi or anything else.

这篇关于Py2Exe 应用程序被 Windows Defender 标记为恶意软件；该怎么办?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！