Just to offer up a datapoint: at my work, we're signing things and still got flagged by some AV software. I doubt the cert is an EV one, but don't know offhand.
We've been planning to try the approach of recompiling the pyinstaller bootloader, potentially with some modifications to get it to appear different to the AV scanners. https://pyinstaller.readthedocs.io/en/stable/bootloader-building.html The rationale is that AV scanners are incorrectly flagging the pyinstaller bootloader code, so if we change that... I'm curious if anyone has experience taking that approach? On Thursday, June 11, 2020 at 10:24:20 AM UTC-4, Andy Robinson wrote: > > None, I have to admit. We just ran PyInstaller! We have hardly done any > GUI development in the last 20 years, I thought certificates were for web > servers. Learning about this now, thanks for the tip.... > > > On Thursday, 11 June 2020 12:18:09 UTC+1, John Harrison wrote: >> >> I had a problem like this but it was solved by using a digicert ev code >> signing cert. What cert are you using? >> >> On Thu, Jun 11, 2020, 3:31 AM Andy Robinson <[email protected]> wrote: >> >>> Hi all, >>> >>> For a few years we've had a small Windows application created with >>> PyInstaller. It connects the PhotoFinish in a Track & Field stadium with a >>> cloud service. It's very simple, with Tkinter, requests to talk to the >>> web, and reads and writes local test files; nothing else. It gets >>> downloaded by quite tech-unsophisticated users (typically above retirement >>> age) on the morning of a race; they just drop it on the desktop and run it, >>> no installation program. >>> >>> Last month Windows 10 started to tell people this was a virus. >>> Unfortunately our users are very often first-time users, and the steps to >>> make Windows shut up and install it are quite complex and scary. >>> VirusTotal.com reports that it's 100% clean. >>> >>> The app is here (feel free to try it, just drop on the desktop, run and >>> you will see a window): >>> https://data.opentrack.run/static/downloads/OTRUpload.exe >>> >>> >>> I reported a possible false positive to Microsoft and they said this: >>> "Analyst comments: The submitted files do not meet our criteria for >>> detection. No detection will be added for these files." I think that >>> means "we don't care enough about you" :-( >>> >>> This is about the third time I have had a false positive from a single >>> EXE made with PyInstaller in the last decade. Can anyone suggest ways to >>> mitigate this? Does anyone know of settings or things-included which are >>> likely to cause this, or to mitigate against it? >>> Any ideas if it's the EXE itself, or the fact that it does not come >>> "wrapped" in an MSI or InnoSetup-type installer? >>> >>> Many thanks for all help >>> >>> Andy Robinson >>> ReportLab >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "PyInstaller" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/pyinstaller/24ac636d-4912-4822-9e4f-4cb119a44cbao%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/pyinstaller/24ac636d-4912-4822-9e4f-4cb119a44cbao%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- You received this message because you are subscribed to the Google Groups "PyInstaller" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pyinstaller/2d983ed4-bf33-443c-b714-75546a527d08o%40googlegroups.com.
