Sawyer McLane

icon indicating a website link samclane.dev

icon location Colorado, USA icon location Python and stuff

Results 29 comments of Sawyer McLane

false positives?

I've actually had an intermediate binary get flagged by Windows Defender, quarantining it. But later builds didn't trip anything, at least on my computer. It's most likely due to the...

false positives?

I did the simple refactor, and no reduction in the False Positives. I've found that "Riskware" means that while not inherently dangerous, the software exposes some security vulnerabilities. I've restricted...

false positives?

All `eval()` statements allowing users to run arbitrary code were removed. [VirusTotal still gives the same results. ](https://www.virustotal.com/#/file/58ff4ac0b0115d39bd80f28d85b17f7fe885e3887cf2794dfce20286a2bec7d1/detection). I'm starting to get out of my depth here. If anyone knows...

false positives?

Still getting Windows Defender false positives as of 1.7.0. Attempting to solve by updating PyInstaller. EDIT: [This made it worse...](https://www.virustotal.com/#/file/d4a01e6f301c4439fe040f14951a401eda52e4e22067a27994261cd67dcbea11/detection)

false positives?

[Tried compiling PyInstaller locally to 3.5.](https://stackoverflow.com/questions/53584395/how-to-recompile-the-bootloader-of-pyinstaller) [Still doesn't work.](https://www.virustotal.com/#/file/baa333c8a1ddac5dcfe8256912cca7775f85be0dc074617cc9830a32bf2e85aa/detection)

false positives?

I've self-signed the code, and that seems to help. [I've gone from 8/71 to 5/71 positives on VirusTotal](https://www.virustotal.com/#/file/8f0420f0a88c37bef72aab73758e105917f0dbcc1fcca086b85f338bfce81d8e/detection). Most notably, McAfee, Trapmine, and Sophos ML have all cleared the binary....

false positives?

Submitted False Positive reports to a ton of AV companies. Hopefully most FPs will be cleared up in the coming months.

false positives?

I ran a full system virus scan with no results, so my dev machine isn't compromised. I also created a new Virtual Environment and recompiled fresh with that. No real...

false positives?

VT has added an engine called "Microsoft". I think it might be Windows Defender. Either way, it's a positive on that too... https://www.virustotal.com/gui/file/eccd7c0a2df8e8f35c12c842f5559eecb71a5c60c5b2c6d59086a5eae9a44008/detection https://docs.google.com/spreadsheets/d/1aY8IILdds911zwglkoYX7ktnAbuRu0gutZC1gi_FCSM/edit#gid=0

false positives?

@tort32 You're certainly right. My software _looks_ a lot like a virus. That's partially why I added the pip option; for those who want to make sure the source on...