Comments (45)
Many AVs seems to be trigger-happy with PyInstaller-packaged Python software, one way to get around this is to rebuild the PyInstaller bootloader, so you don't share a signature with all other PyInstaller software. I made an automated job for this: https://github.com/webcomics/pyinstaller-builder
from yt-dlp.
Seems like Bitdefender doesn't like ytp-dl but only when it's run.
Their ignorant response:
The analysis of the file has been completed:
Youtube downloaders often come with adware. Because of this, and because of the fact that youtube downloaders do not comply with youtube terms of service, we do not consider these types of applications trustworthy. Therefore, we will not take any steps toward whitelisting this detection.
Meaning they didn't even bother checking the file.
from yt-dlp.
This will keep changing with each release
More importantly, as more people download/use it, the less likely a false positive becomes (apparently not)
from yt-dlp.
will it update to the latest version released on GitHub and work?
Yes
Should I use the -U command instead?
No, pip version cannot be updated with -U
from yt-dlp.
Seems like Bitdefender doesn't like ytp-dl but only when it's run.
Their ignorant response:
The analysis of the file has been completed:
Youtube downloaders often come with adware. Because of this, and because of the fact that youtube downloaders do not comply with youtube terms of service, we do not consider these types of applications trustworthy. Therefore, we will not take any steps toward whitelisting this detection.
Meaning they didn't even bother checking the file.
I bet they are being paid by Alphabet to place this false-positive.
from yt-dlp.
I will try reporting to microsoft, but it is impractical to do so with each AV seperately
from yt-dlp.
Just fyi Windows Defender is again flagging the yt-dlp (in the build 2021.04.22) as Zpevdo.B and removes the file as quickly as possible, making almost impossible to whitelist the executable.
from yt-dlp.
Also, I've found that upgrading Python/PiP/Pyinstaller to their respective latest versions minimizes the detections. I haven't had a build of mine flagged as a virus by Defender or Malwarebytes in a long time now. https://www.virustotal.com/gui/file/6bdd6da0e1538195e93242a69aaf1b606e64b21551749ce36ed786cf5db60012/detection
from yt-dlp.
It is a false positive caused due to the exe being unsigned.
This is a known issue. I don't have any way of fixing it.
blackjack4494/youtube-dlc#114
https://www.reddit.com/r/youtubedl/comments/jrrkc0/youtubedlexe_shown_as_malware_on_virustotal/
I have been told that the issue existed for the previous version as well
https://www.virustotal.com/gui/file/a89125033bff06983b0bec46424d62882395370a04b9ad909cf88da19c331292/detection
from yt-dlp.
You could try building it yourself to get around it, it's actually really easy even on Windows. One thing I noticed is the resulting exe is 500kb smaller using the latest version of Python.
EDIT: It doesn't get detected by Microsoft (on my system) but Malwarebytes still hates it.
https://www.virustotal.com/gui/file/bbae6034f44dc22262b1adf78ffb664c7da4cf4bdd027b2dbd5d5c9dc4f49ddb/detection
from yt-dlp.
Yes, building is easy. Install pyinstaller and just run make_win.bat
Or even better, you can just install using pip py -m pip install --upgrade yt-dlp
The issue is that many users (especially on windows) are not tech savy enough to even have python installed, so the binary is the only way for them
from yt-dlp.
Yeah, obviously that's not a solution, just a temporary workaround. I don't have anything set up to test but I would probably try reverting these 2 commits to test: pukkandan/empty@732044a pukkandan/empty@f5b1bca
EDIT: reverting those 2 didn't seem to do anything.
from yt-dlp.
I think ill just build it myself. Just wanted to let you know incase this was a new problem
from yt-dlp.
huh. interestingly enough it downloads fine today
Im fairly certain the heuristic model score increases the less frequently a program has been downloaded.
Or maybe you just reported it to ms lol
You don't have to do that each release, it'll be fine
from yt-dlp.
I am closing the issue since there really is nothing I can do to permanently fix this. If anyone has any ideas, feel free to continue this thread
from yt-dlp.
Microsoft and Malwarebytes no longer detecting it as virus, just 4 AVs that I've never heard of now.
https://www.virustotal.com/gui/file/01e7c037f42f061146ff0ce71d05a27c43f2726ba30016696375fbea507047e6/detection
from yt-dlp.
If you click it you'll see more options like "Allow", then download again.
from yt-dlp.
To deal with this on Windows I ran:
pip.exe install --upgrade yt-dlp
In the future if I run:
pip.exe install --upgrade yt-dlp
@pukkandan: will it update to the latest version released on GitHub and work?
Should I use the -U
command instead?
from yt-dlp.
Same happens for v. 2021.08.10
from yt-dlp.
@ezhikus which vendor?
from yt-dlp.
from yt-dlp.
Doesn't look like it: https://www.virustotal.com/gui/file/1f9073f331b9e58b752f7c172c8be0662141ca19620d50a8e003a40897eed758/detection
nvm, microsoft times out here
Anyway, this issue was closed as "wontfix". See #25 (comment)
@shirt-dev did do some tricks based on @TobiX's suggestion to lower the detection rate, but in general, the point about "there being nothing I can do to permanently solve this" still applies.
from yt-dlp.
Sorry I duplicated a discussion for this issue. I didn't have any issue with the previous version, but am now getting alerted as per my discussion thread. Perhaps the more people that flag the application as not a virus, MS decides it's OK?
#858
from yt-dlp.
I have a question, why does the README.md in the INSTALLATION section mention this explicitly:
- Download the binary from the latest release (recommended method)
I mean, what is the given rationale behind this?
from yt-dlp.
More news: now yt-dlp is also detected as a virus by McAfee
from yt-dlp.
@Hrxn, they answered this previously in the thread:
The issue is that many users (especially on windows) are not tech savy enough to even have python installed, so the binary is the only way for them
from yt-dlp.
So, this is the only reason?
No performance differences or changes in functionality or even features?
from yt-dlp.
@Hrxn -U
only works in the release binaries. If using other methods, you have to use the tools' updater instead (Eg: pip --upgrade yt-dlp). Other than that, there is no difference
from yt-dlp.
I built this myself and my system freaked out about the .exe after the fact. For some reason it left my original copy in dist alone (I had copied it to another directory), so I tried uploading the dist version to virustotal.
12 vendors flag it as a Trojan with high confidence. Now I end up with the same issue impacting my own software too sometimes; the false positives are impossible to get rid of. But I'm really not sure why antivirus software is freaking out over this. When I did a new scan, it complained about the dist copy as well, but only after the main scan finished and said no threats were found. Kinda bizarre.
from yt-dlp.
Since there are no functional differences, as stated in a comment here above:
@Hrxn
-U
only works in the release binaries. If using other methods, you have to use the tools' updater instead (Eg: pip --upgrade yt-dlp). Other than that, there is no difference
I personally would recommend basically all users to use the pip version instead. I can't see any reason opposed to that, honestly.
I mean, if you can use yt-dlp, you can also install Python and use pip. You don't actually need to know any Python.
With regard to the false positives: Maybe using py2exe instead of PyInstaller would be better?
from yt-dlp.
py2exe doesn't support Crypto modules
from yt-dlp.
I mean, if you can use yt-dlp, you can also install Python and use pip. You don't actually need to know any Python.
Yeah, try telling that to the average user!
from yt-dlp.
I'm telling everyone still in hearing distance this all the time 😄
from yt-dlp.
I'd say don't mind the Windows users. It's been explained it's a false positive and that it's lazy detection writing by the AV vendors (not so dissimilar to flagging on benign software that uses UPX packer). I would make this pure python and not worry about freezing/converting to exe it, if they're really serious about using it they'll jump thru the "difficult hoops" of installing Python i think.
from yt-dlp.
After previously allowing it, the latest win defender flags the latest ydl release as a SEVERE class threat "Trojan:Win32/Spursint.F!cl"
"This program is dangerous and executes commands from an attacker."
from yt-dlp.
I've worked around this problem for now by just creating a batch file, yt-dp.bat, and running directly from Python.
@echo off
python yt-dlp-master/yt_dlp/__main__.py %*
from yt-dlp.
^But you already have Python installed?! Why not install it via pip
, you do not need any Batchfile workaround?
from yt-dlp.
^But you already have Python installed?! Why not install it via
pip
, you do not need any Batchfile workaround?
The batch file operates like the built .exe would. I don't really know Python or work with it enough. If I understand the pip method it would still involve py yt-dlp
so I'd prefer to have a batch file regardless.
from yt-dlp.
@LummoxJR actually no. you'd be able to just use yt-dlp
from yt-dlp.
For "normal" users, it is not recommended to run directly from source code. Unless you are familiar with git, it makes updating hard. If you dont want to use the exe, use pip/zip versions instead.
But for those who do want to run straight from source anyway, there is already yt-dlp.cmd
and yt-dlp.sh
in the root of the repo
Anyway, all of this is off-topic. Please keep the thread on topic.
PS: Unless anyone has any better ideas on how to take the AV venders off our heels, no point it writing any comment here. This issue was closed as wontfix
for a reason
from yt-dlp.
@kamyker is that on a forum? I'd like to add my 2c if it's somewhere public, because I'm a long BD customer.
from yt-dlp.
@kamyker is that on a forum? I'd like to add my 2c if it's somewhere public, because I'm a long BD customer.
No, emails. You can try asking them too here https://www.bitdefender.com/consumer/support/ . Don't do it too soon as they may think it's me again lol. I asked them again to at least analyze the file as that blocking behavior may also stop other apps working correctly and:
Thank you for getting back to me!
Unfortunately, as my colleagues from the AV labs provided us with the points from my last email, we cannot provide any other assistance regarding this issue.
Btw in rare cases Bitdefender doesn't detect it depending on what link is used. No idea why that's happening.
from yt-dlp.
I was bored, so I decided to run antivirus tests (using virustotal) on all the files in https://github.com/yt-dlp/yt-dlp/releases/tag/2022.05.18.
The results are as follows (files not listed below didn't have any timeouts nor positives):
yt-dlp, yt-dlp.tar.gz, Source code (zip) and Source code (tar.gz):
Lionic-timeout
yt-dlp_win.zip:
Lionic and Clamav-timeout
yt-dlp.exe:
Webroot-W32.Trojan.Gen
Microsoft-timeout
yt-dlp_min.exe (this one had the most positive detections by far):
Fortinet-PossibleThreat.PALLAS.H
Ikarus-Trojan.Python.Psw
Jiangmin-Trojan.PSW.Disco.els
SecureAge APEX-Malicious
Webroot-W32.Trojan.Gen
from yt-dlp.
Here's my virustotal results when I compiled from source:
Cylance - Unsafe
SecureAge APEX - Malicious
https://www.virustotal.com/gui/file/10e0425544edc2ea778cf607057a773c5ee29d3ba138b23ef729eef8a7aeef83
from yt-dlp.
Unless anyone has any better ideas on how to take the AV venders off our heels, no point it writing any comment here. This issue was closed as
wontfix
for a reason
from yt-dlp.
Related Issues (20)
- Is there any way to download a thumbnail for special size ? HOT 2
- how to download a video that is georestricted in my country but not in another country? HOT 5
- [Piapro] Unable to extract view count and content ID HOT 1
- How do I download links from batch link.txt but only want the link on line 1? HOT 4
- Freesound - "Unable to extract song url" HOT 1
- unable to extract post url BravoTv HOT 1
- [Pornhub] Give better error for geo-restriction than `Unable to extract title` HOT 2
- My ip blocked by youtube HOT 3
- Live stream BR download does work,but audio and video not synchronized HOT 1
- [Bilibili] failure to download whole channels videos
- [YouTube] New Channel renderer fails extracting various metadata like channel_follower_count HOT 4
- How to use the --list-subs option from the python API? HOT 1
- <HTTPError 410: Gone> When Trying to Download Videos from NickJr.com
- [douyin.com]Failed to parse JSON: Expecting value in '': line 1 column 1 (char 0) HOT 1
- ERROR: [youtube] -Igp-TM1MOw: Get the best YouTube experience. Sign in to save videos, subscribe, and more HOT 5
- I cannot download videos on Niconico(ニコニコ動画) HOT 1
- [Youtube] 8k VR180 SBS videos no longer available HOT 6
- SharePoint extractor broken on private links
- Unable to get the lower quality audio formats from youtube music HOT 4
- IBM SkillsBuilds videos HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from yt-dlp.