About a month ago, I used PyInstaller and Inno Setup to produce an installer for my Python 3 script. My AVG Business Edition AntiVirus just started complaining with today's update that the program has an SCGeneric Trojan Horse in the main .exe file used to start the program (in the folder created by PyInstaller that has all of the Python "guts"). At first I just thought it was a false positive in AVG, but submitting the .exe file to VirusTotal I get this analysis:
https://virustotal.com/en/file/9b0c24a5a90d8e3a12d2e07e3f5e5224869c01732b2c79fd88a8986b8cf30406/analysis/1493881088/
Which shows that 11 out of 61 scanners detect a problem:
TheHacker Trojan/Agent.am
NANO-Antivirus Trojan.Win32.Agent.elyxeb
DrWeb Trojan.Starter.7246
Yandex Trojan.Crypren!52N9f3NgRrY
Jiangmin Trojan.Agent.asnd
SentinelOne (Static ML) static engine - malicious
AVG SCGeneric.KTO
Rising Malware.Generic.5!tfe (thunder:5:ujHAaqkyw6C)
CrowdStrike Falcon (ML) malicious_confidence_93% (D)
Endgame malicious (high confidence) 20170503
Zillya Dropper.Sysn.Win32.5954
Now I can't say that these other scanners are ones that I have heard of before... but still I'm concerned that it is not just AVG giving a false positive.
I have submitted the .exe file in question to AVG for their analysis. Hopefully they will back off on whatever it is that they thought they were trying to detect.
Is there anything else I can do with PyInstaller to make it so that the .exe launcher that it created won't be considered a Trojan?
I was always getting some false positives with PyInstaller from VirusTotal. This is how I fixed it:
PyInstaller comes with pre-compiled bootloader binaries for different OSs. I suggest compile them by yourself on your machine. Make sure everything is consistent on your machine. For Windows 64-bit, install Python 64-bit. Download PyInstaller 64-bit for Windows. Make sure Visual Studio (VS) corresponding to your Python is installed, check below:
https://wiki.python.org/moin/WindowsCompilers
Compile the bootloader of PyInstaller on your machine with VS. It automatically updates the run.exe, runw.exe, run_d.exe, runw_d.exe in DownloadedPyinstallerFolder\PyInstaller\bootloader\Windows-64bit. Check below for more info on how to compile the bootloader:
https://pyinstaller.readthedocs.io/en/stable/bootloader-building.html
At the end, install PyInstaller. Within the PyInstaller directory, run
python setup.py install
I was able to submit the file in question to AVG's "Report a false detection" page, at https://secure.avg.com/submit-sample. I received a response back fairly quickly (I can't remember exactly how long, but it was less than a day) that they had analyzed my file and determined that it did not have a virus. They said that they had adjusted their virus definitions so that it would not trigger a false positive anymore. I updated my definitions and it was still triggering, so I contacted them again with my virus definition version, and I heard back that the version I had wasn't high enough - I think there was some delay on my definitions because I get them from a local server. But within a day I had the right version of the definitions and the false positive didn't trigger anymore.
So if you have a false positive with AVG, I would recommend this solution - fairly quick and easy to get a resolution to the problem.
I puzzled over this question for two days and finally found a problem with my application. The issue was with the application's icon.
Example for tkinter:
root.iconbitmap('./icon.ico')
When I removed this line of code, the false-positive Trojan was gone.
Also, make sure not to use --icon dependency when you are converting your .py file into .exe. Otherwise, this will cause the same false-positive Trojan detection.
I faced same issue for my small document register project code.
My temporary solution was to allow the app in windows defender and
other solution was to use the command pyinstaller filename.py instead of pyinstaller --onefile filename.py.
I dont know if it is correct. But it worked for me.
I searched many blogs for weeks. But I found nothing..
Today I found a way to convert py to exe without any virus errors.
Virus Total Report
So in this method you do not need to send any reports.. Actually It is very simple.
You need to install a module named Nuitka.
python -m pip install nuitka
Then you need to open command from from the file path. And use the command;
python -m nuitka --mingw64 filename.py
And that's all.
You can use the command
nuitka --help
You can find more at - Nuitka Guide
I had this same problem using python 3.8.5 and pyinstaller 4.5.1
In my case the first exe build was accepted by the antivirus (Windows Defender) but subsequent builds were flagged as having a trojan.
I solved it by using the pyinstaller --clean option every time I built the executable
Reverting back to PyInstaller 3.1.1 from 3.4 resolved similar issues on my end (at least temporarily).
As #boogie_bullfrog told, reverting to a previous version could be a solution. However I used *.spec file to store some data (like pictures and icons). I had the latest 3.5 version (August, 2019) and moving to 3.1.1 caused error when app was compiled (probably due to supporting Python 3.7).
So right now the easiest solution is to downgrade to 3.4
It supports specs from pyinstaller 3.5 and the onefile-app wasn't detected by Windows 10 built-in firewall
What I did was to solve this(make exe files non detectable as virus) was to downgrade pyinstaller by typing in cmd: pip install pyinstaller==4.1.0
And by the way it didn't work on 3.4.0 so I just randomly picked that version(4.1) and its pretty good looking so far :>
I'm pretty sure that it works on more than only that one version but that i experienced personally
Recompile and then reinstall your Pyinstaller bootloader manually.
This was a problem I had for a while, and my friend and I figured out this resolution with the help of many others. It almost always works to resolve the issue.
I posted the specific steps on my medium blog. Shared the link below, but the basic steps are as follows
Purge Pyinstaller Files within your Project and Rebuild
Uninstall Pyinstaller
Build a Pyinstaller Bootloader with your Compiler
Install the newly compiled Pyinstaller
Re-build your EXE with Pyinstaller, and make sure it’s not being be flagged as a virus
How to Resolve the Python Pyinstaller False Positive Trojan Virus
Part 1. Manually Compile your Pyinstaller Bootloader
Part 2. Working with Anti-Virus Developer(s)
I had a similar problem with a pyinstaller exe under Windows. Avira put that file into quarantine since it was considered potentially dangerous (due to heuristics, which means that some segments look typical for a virus, but no virus is actually found).
Keep in mind that the exe files you generate yourself are unique (as a consequence, the Avast scanner usually returns a message "you have found a rare file, we are doing a quick test", and delays execution for 15 seconds to perform a more thorough test).
My solution consists of some steps:
I have uploaded the exe to https://www.virustotal.com/gui/home/upload to check it with many scanners. If just one or two are detecting a virus, you should be on the safe side.
In order to make your local virus scanner accept the file, you can manually accept it for your computer, but this does not solve the underlying problem, so on other computers it would still be flagged as a virus.
Therefore I reported the file as false positive to Avira, which can simply be done by sending it by email. Other scanners have similar feedback lines. I got a feedback by email within one day that it is ok, and the scanner on my pc agrees with this now. Hope that this helps with the next iterations of my exe so that it stays clean.
Had the same problem today. Win8.1 would keep flagging .exe as virus. Updated to pyinstaller 5.7.0 but the issue persisted. Uninstalled pyinstaller 5.7.0 and did a fresh install. Strangely, Win8.1 isn't complaining anymore!
Related
I have generated an .exe-file for a little PowerPoint Tool, that I've written using python 3.6, the PyQt5 framework and pyinstaller. The program runs without any errors on my own laptop and functions as expected.
Unfortunately, I can't get the .exe to run on a different computer. I've tried with 2 other computers now and get different errors on each of them.
PC 1:
Entry Point not found
The procedure entry point ucrtbase.terminate could not be
located in the dynamic link library api-ms-win-crt-runtime-l1-1-0.dll.
PC 2:
This application failed to start because it could not load the Qt platform plugin 'Windows'.
The thing, that bugs me is, that I had this last error (from PC2) during development on my dev computer, but fixed this problem for my own PC.
What I was trying to do is create an .exe-file that just runs on any PC. It's a simple PowerPoint Helper, which is supposed to be a quick tool to create new slides from a folder of images. That is why it's pretty important, that it can be seamlessly used. Ideally just opening the .exe and go, without the need to worry about individual missing pieces on every single computer, where it will be utilized.
BIG QUESTION: Is there anything I can do, to guarantee my .exe to include all the dependencies that are needed to run?
Things I've tried (aka I DID try to solve it myself.. for days):
read trough here: https://github.com/pyqt/python-qt5/issues/2
changed my .specas mentioned here: https://github.com/carlosperate/pyinstaller-test/blob/master/package/pyqt5_test.spec
read through all of this: https://stackoverflow.com/search?page=2&tab=Relevance&q=entry%20point%20not%20found
and this: https://stackoverflow.com/search?q=qt+platform+windows
and this: pyinstaller exe without any dependencies?
But nothing helps.... Most of the posts address problems when compiling the executable file, but this works just fine for me.
If using Python 3.5, PyInstaller 3.3.1 and PyQt 5.9.2 is an option for you, use fbs instead of PyInstaller to freeze your application. It is based on PyInstaller but solves edge cases like the one you are experiencing. There are instructions for setting up your app for use with fbs here.
What I'm trying to do is install SIP 4.14.7 through Cygwin using the make command. I'm running Python version 3.3.2 (with Python added to the PATH) on a Windows 7 x64 SP1 machine with 4GB RAM and an Intel Core 2 Duo. Since what I'm doing is from within the Cygwin terminal, I'll avoid using the Win32 path format.
Following the installation instructions provided with sip-4.14.7.zip, here is what I've done:
Uncompressed the .zip into /c/python33/SIP/
Launched the Cygwin terminal and went to the /cygdrive/c/python33/SIP/ folder
Ran python configure.py (No options since I was fine with the default settings)
Ran make install
As far as I can tell, I followed the instructions as I should have, but obviously I'm not doing something right here.
Here's what happens:SCREENSHOT
The number of make.exe processes go up to about 1800 before Windows gets too low on memory and the whole thing reverses itself until there are no more 'make.exe' processes running as shown here: SCREENSHOT2
I've Googled this and searched around here on stackoverflow.com but couldn't find anything related to this particular issue. It seems that unless using the -j option the MAKE command should only process one job at a time. I've also tried using the -l option thinking it would limit the processes unless enough memory was available, but the results were the same.
I tried to provide as much detail as possible, but if there is any more information that I should post to help diagnose this issue, I'd be glad to provide it. Otherwise, any suggestions here would be much appreciated.
The latest version of Cygwin includes the PyQT4 package (in All->Python within Setup.exe). It's python-pyqt4 and python3-pyqt4. If you are trying to live in Cygwin, I'd install that version into Cygwin and use it. No make required from the looks of it.
I started getting this error every time I try to:
install Python package with installer
use PyWin extension (through COM application)
start Notepad++ (with Python script plugin)
This started to happen couple of days ago.
Dialog shows, I dismiss and everything runs fine, except it pops again and again
I reinstalled Python 2.7.3 on Windows XP SP3 32bit, then reinstalled PyWin extensions, but nothing changed.
Looking for answer here, I found that obviously some library is missing manifest declaration, but I can't figure which one. Or what is loaded by default in all above mentioned 3 scenarios. Does anyone maybe has an idea?
I found it - it's PyGTK. I installed it couple of days ago, and I did suspect on it, but wasn't sure and didn't wanted to mislead.
I renamed gtk-2.0 folder in site-packages and dialog stopped to show
Will contact the team and report back if I have something
Update
I tried to contact PyGTK team, couple of days ago, but the list seems very low frequency, I wonder who uses PyGTK on Windows. This is the link to reported problem in case anyone cares: http://www.daa.com.au/pipermail/pygtk/2012-November/020462.html
And in case anyone is curious what did I do with this error dialogs, here is answer: I used PyGTK as I needed it by one project, which I now compiled to executable and got rid of GTK from my Python packages.
If you know what application or library is failing to load, you can use Dependency Walker to show any missing dependencies.
I have a program I've written in Python 2.7 on Windows, and I've been using py2exe with total success to make it into an exe (and associated files). However, a reasonable number of people who I want to use it are on Linux/OSX, and while some have been able to make the Windows version work with Wine, others have not been so successful. I've looked thoroughly into py2installer, py2app, freeze and others, but if I understand correctly (I am new to Python and very new to compiling) you need to run them on the system you want to compile them for, i.e. you can only compile for Linux on Linux and OSX on OSX. I don't want to distribute just the raw files because I want the source code to be obfuscated as it is inside a .exe, amd obviously not everyone has Python.
So, my question is: is there any way to compile for OSX or Linux, in Python, while on a Windows machine? And if not, what do you think the best alternative solution might be?
Code obfuscation is really not 'pythonic'. Even when packed into an .exe file, it's basically just the python interpreter and you source code (well, the .pyc files) zipped into one file. It is not as much as cross-compiling as it is about using a python package which does the thing you want (e.g, pack you code in a specific way) on linux.
Freeze will do this for you.
Most linux dists come with python built-in.
Get your linux box running! It's fun, useful, and you can always say 'On My Machine It Works!'. You can compile your code there / test your exe on Wine.
If for some reason you still can't get it to run, post a question!
Get Virtualbox, install Ubuntu in it, and build it "natively" in for Linux. These things work really well, and cross compilation is just asking for trouble. You're going to eventually need Linux to answer the support questions you'll get from these customers anyway! :(
I started to fiddle with PyQt, and made a "beautiful" script from the pyqt whitepaper example app (pastebin)
It works perfectly in Windows and Linux (with qt environment already installed on both).
Now my question is: Since I am trying to use Qt because it is compiled (at least pure old C++ based Qt), how can I compile some .exe file to run it on Windows, or a standalone executable for Linux.
The point is that I want the program to be compiled, because of speed and portability, instead of interpreted from source, which would require a previous setup on any machine. One of the goals, for example, is sending small gui scripts via email to coworkers who are not programmers at all.
if you want completelly create one stand alone executable, you can try PyInstaller . i feel it's better to create one stand alone executable than cx_freeze or py2exe (in my experience). and easy to use (full documentation available in the site).
It supports Python 3.6 or newer.
Pass the --onefile argument if you want to create completely standalone .exe. in example :
pyinstaller.exe --onefile --windowed app.py
After spending many weeks on this and trying all the alternatives - PyInstaller, py2exe, cx_freeze,... - I created my own library: https://build-system.fman.io/. It is based on PyInstaller but solves many of its common pain points. It also lets you create native installers on Windows, Mac and Linux.
You may want to check out cx_freeze. It claims to create executables which are "cross platform and should work on any platform that Python itself works on."
I came across it in exploring the moneyGuru package which uses PyQt. I downloaded the moneyguru.exe file to my Windows XP system, executed it, and it worked fine on Python 3.2.
You can clone the hg repo from here to see how it.s done.
There is a module named Py2EXE, which will do exactly what you want to do. It will convert the script into a .exe file to run on windows. I'm not sure about linux, but I bet there is a module out there somewhere.
py2exe.com
I am using pyinstaller
pip install pyinstaller
I don't know, but pyinstaller does't append sip.pyd. So, your need a PyQt5\sip.pyd. I recommend nice windows style qwindowvistastyle.dll.
Make build.cmd file as:
pyinstaller --onefile --clean ^
--add-binary="C:\Users\Quazer\.virtualenv\pyqt5-36\Lib\site-packages\PyQt5\sip.pyd;PyQt5" ^
--add-binary="C:\Users\Quazer\.virtualenv\pyqt5-36\Lib\site-packages\PyQt5\Qt\plugins\styles\qwindowsvistastyle.dll;PyQt5\Qt\plugins\styles" ^
.\main.py
^ - new line in command file (.cmd, .bat)
Since I am trying to use Qt because it is compiled
You're defeating this benefit by using Python. Although the other answers give an introduction to the options for distributing Python code without requiring users to install Python themselves, Python is intended to be an interpreted language so there will be downsides to each of these options (ex. speed, program size, compatibility, etc...). They may or may not be deal-breakers to you.
Your two other options are:
Embrace the interpreted nature of Python: have people you're sharing your program with install Python and the dependencies. You can simplify this process significantly though. Ex. on Linux, use a package manager.
Write your program in C++. Doing so would allow you to truly compile a single, native executable. This unfortunately means dropping Python, but there's reasons people still write code in less beautiful languages like C++ and it sounds like you might be running into some of them.