Windows Defender detecting Python EXE as Trojan


I made a Python script that mails a Windows directory as zip to me. I added a scheduler using sched module that repeats this every hour.

I was attempting to make a simple sync application for personal use that starts at Windows Startup.

I converted it to an exe using pyinstaller with the --onefile argument and it worked flawlessly. But after a couple of days, Windows Defender (Windows Security Centre of Windows 10) detected it as a Trojan.

This issue is not limited to Windows Security Centre. A quick scan on VirusTotal says 4 antiviruses detect it as a Trojan.

What brings the antiviruses to think this? I don't think sharing the code is of any use as proper details have already been given, but still, a comment would make me do it.


There are 2 answers

0
TheRealSuicune On

It must be something else that made Windows Defender suddenly think it's bad. Maybe it's an update; try updating it.

0
Andrew On

Most antiviruses will mark this as a Win32.Trojan.whatever because it will detect that the EXE executable is simply extracting binary code. This works just like a ZIP, where Gmail blocks ZIPs.

To summarize, this is like a self-extracting EXE, so kind of like an installer. For example, when you execute an installer, you sometimes get the User Account Control window, which is detected when the system is trying to grant advanced permissions for the EXE.
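
The self-extracting layout described in the answer above can be confirmed when triaging a flagged file. The following is an added example, not code from the question or from PyInstaller: it looks for the trailer that a --onefile build appends after its loader stub and reports where the embedded archive starts. The trailer layout (8-byte magic, four big-endian 32-bit integers, 64-byte library name) is an assumption about PyInstaller's archive format and may differ between versions; the sample bytes are constructed.

```python
import struct
import sys

# Assumed PyInstaller trailer ("cookie"): 8-byte magic, four big-endian
# 32-bit integers, then a 64-byte NUL-padded Python library name.
MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"
COOKIE = struct.Struct("!8sIIII64s")


def find_pyinstaller_archive(data: bytes):
    """Return a dict describing the embedded archive, or None if absent."""
    pos = data.rfind(MAGIC)
    while pos != -1:
        if pos + COOKIE.size <= len(data):
            _, pkg_len, toc_off, toc_len, pyver, lib = COOKIE.unpack_from(data, pos)
            start = pos + COOKIE.size - pkg_len  # the archive ends with the cookie
            # Sanity checks reject a stray magic string inside unrelated data.
            if pkg_len >= COOKIE.size and start >= 0 and toc_off + toc_len <= pkg_len:
                return {
                    "stub_bytes": start,          # size of the loader in front
                    "archive_bytes": pkg_len,     # appended payload incl. cookie
                    "toc_offset": start + toc_off,
                    "toc_bytes": toc_len,
                    "python_version": pyver,
                    "python_lib": lib.rstrip(b"\0").decode("ascii", "replace"),
                }
        pos = data.rfind(MAGIC, 0, pos)  # try an earlier occurrence
    return None


def build_sample() -> bytes:
    """Constructed input: fake loader stub + fake payload + fake TOC + cookie."""
    stub = b"MZ" + b"\x00" * 62   # stand-in for the bootloader executable
    payload = b"P" * 100          # stand-in for the compressed modules
    toc = b"T" * 20               # stand-in for the table of contents
    pkg_len = len(payload) + len(toc) + COOKIE.size
    cookie = COOKIE.pack(MAGIC, pkg_len, len(payload), len(toc), 310, b"python310.dll")
    return stub + payload + toc + cookie


if __name__ == "__main__":
    # With a path argument, inspect that file; otherwise use the constructed sample.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    print(find_pyinstaller_archive(blob) or "no PyInstaller archive trailer found")
```

A result of None means no such trailer was found; it says nothing about whether the file is safe.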