[GH-ISSUE #152] Windows Security detects Trojan:Win32/Ymacco.AADD, blocks pip download #144

New issue

Closed

opened 2026-02-26 12:20:37 +03:00 by kerem · 1 comment

kerem commented

2026-02-26 12:20:37 +03:00

Owner

Originally created by @rectalsolarpasatries on GitHub (Jan 23, 2021).
Original GitHub issue: https://github.com/brentvollebregt/auto-py-to-exe/issues/152

As the title says. Windows defender stopped the download I ran using pip in cmd. Here's the affected file:

file: C:\Users(user)\AppData\Local\Temp\pip-install-jbayo47u\pyinstaller\PyInstaller\bootloader\Windows-32bit\runw.exe

Originally created by @rectalsolarpasatries on GitHub (Jan 23, 2021). Original GitHub issue: https://github.com/brentvollebregt/auto-py-to-exe/issues/152 As the title says. Windows defender stopped the download I ran using pip in cmd. Here's the affected file: file: C:\Users\(user)\AppData\Local\Temp\pip-install-jbayo47u\pyinstaller\PyInstaller\bootloader\Windows-32bit\runw.exe

kerem closed this issue

2026-02-26 12:20:37 +03:00

kerem commented

2026-02-26 12:20:37 +03:00

Author

Owner

@brentvollebregt commented on GitHub (Jan 24, 2021):

Not the same but a similar idea to #122 and #125.

Has been raised in the PyInstaller repo at pyinstaller/pyinstaller#4633 and the same message is given:

Please contact you anti-virus vendor. There is nothing we can do about this false positive.

If your anti-virus vendor considers one of the files included in the PyInstaller distribution or a file generated by PyInstaller to be malicious, there is nothing we can do about this. Even if we'd change our code, they'd change their pattern and the race starts again.

See this mailing-list thread and other tickets for his topic.

@brentvollebregt commented on GitHub (Jan 24, 2021): Not the same but a similar idea to #122 and #125. Has been raised in the PyInstaller repo at pyinstaller/pyinstaller#4633 and the [same message is given](https://github.com/pyinstaller/pyinstaller/issues/4633#issuecomment-575537881): > Please contact you anti-virus vendor. There is nothing we can do about this false positive. > > If your anti-virus vendor considers one of the files included in the PyInstaller distribution or a file generated by PyInstaller to be malicious, there is nothing we can do about this. Even if we'd change our code, they'd change their pattern and the race starts again. > > See this [mailing-list thread](http://www.mail-archive.com/pyinstaller@googlegroups.com/msg05002.html) and [other tickets for his topic](https://github.com/pyinstaller/pyinstaller/issues?q=is%3Aissue+virus+is%3Aclosed).