pywin32-220 installer “high risk” file

2019-08-12 02:32发布

When I try to install pywin32-220 it will be stopped by Norton saying that it's threat name "SONAR.Heuristic.132" and a "High risk file". It removes the pywin32-220 installer... So how can I get pywin32?

Pywin32 download - http://sourceforge.net/projects/pywin32/files/?source=navbar

SONAR.Heuristic.132 threat: (Norton link to details) http://www.symantec.com/security_response/writeup.jsp?docid=2015-061517-5721-99&vid=4294925827&product=Norton%20Internet%20Security&version=22.5.5.15&plang=sym:EN&layouttype=OEM&buildname=OEM30&heartbeatID=0F625CD5-90AB-490B-A78F-5E1F18F05B2E&env=prod&vendorid=32430&plid=2&plgid=2&skup=21244261&skum=21349155&skuf=21228659&cipherid=0&endpointid=0F625CD5-90AB-490B-A78F-5E1F18F05B2E&partnerid=32430&lic_type=512&lic_attr=16928786&psn=XJGV3WXHYJKQ&puid=5578&osvers=6.2&oslocale=iso:GBR&oslang=iso:ENG&os=windows

(I use Windows 8, Python version 3.3.3)

I have installed Pywin32 for a different version of python before.

So what can I do to solve the issue? How can I install Pywin32?

Edit

Thank you for your informative answer... Not what I wanted but it helps.

Also I checked my computer's threat history today... It says that the Pywin32 installer's activities had installed a file in the appdata folder... Therefore it's probably a 3rd party, unwanted software. I don't know why a python plugin needs to install something in the appdata folder.

Also considering that 220 was roughly released 10 days ago ( upon writing ) it has over 8,000 downloads... It is no more than 1,000 (Indvidualy) for every single other one, and that the 220 installer is in question...

1条回答
再贱就再见
2楼-- · 2019-08-12 03:24

How can I install Pywin32?

If you trust the suppliers of PyWin32 more than you trust the suppliers of Norton, disable or uninstall your anti-virus and go ahead with installing PyWin32.

I can't make the decision for you which one you trust more, but in my opinion:

  • In general anti-virus today simply doesn't work. (It has been arguably been causing more problems than it solved for many years now, but these days it is proving nugatory protection for all the faff.) Signature-based scanning is dead in the face of dynamically-generated files from automated kits; heuristic-based scanning (which is what has flagged here) is rife with false positives for pretty much any executable.

  • PyWin32 is hosted on SourceForge, a site that has recently gained some notoriety for packaging installers with unwanted third-party software. I have not seen any evidence that this has happened to PyWin32 at this point, but who knows.

It is deeply unfortunate that you are put in the position of choosing to trust one or another party when they have both proven themselves distinctly untrustworthy in the past. But that's the filthy, stinking state of the Windows software marketplace today.

查看更多
登录 后发表回答