[vtkusers] Kaspersky 2016 reports a virus in the windows installer for version 7.0.0

Michael Grabietz michael.grabietz at img-online.de
Thu Jun 30 01:15:18 EDT 2016 

David,

thank you very much for your assistance. I am going to mark the files as
'false positive'.

Michael

Am 29.06.2016 um 15:50 schrieb David E DeMarle:
> I think it is a false positive.
> 
> Although kaspersky's online checker
> complained about the pyd files with the mysterious
> UDS.DangerousObject.Multi.Generic problem, a local check with a fully
> updated Kaspersky anti-virus 2016 trial version did not.
> 
> Our build machines are virus checker protected in any case so it is
> unlikely to be a real threat. I think it is more
> likely that Kaspersky is being over protective as VTK isn't all that
> common in the scale of things.
> 
> We will continue to try and work it out with Kaspersky in any case.
> 
> 
> David E DeMarle
> Kitware, Inc.
> R&D Engineer
> 21 Corporate Drive
> Clifton Park, NY 12065-8662
> Phone: 518-881-4909
> 
> On Tue, Jun 28, 2016 at 10:27 AM, Michael Grabietz
> <michael.grabietz at img-online.de <mailto:michael.grabietz at img-online.de>>
> wrote:
> 
>     Hi David,
> 
>     thanks for your reply.
> 
>     Current status of the installer listed on virustotal.
> 
>     https://legacy.virustotal.com/en/file/6b090fb40050e45feb5bfaca1c29056a89e25497828d00a785548b579b716a36/analysis/
> 
>     Best Regards, Michael
> 
> 
> 
>     Am 28.06.2016 um 16:02 schrieb David E DeMarle:
>     > Michael,
>     >
>     > We've had false positives like this before so I assume and hope this is
>     > another case of that happening. We'll investigate and report back when
>     > we know more.
>     >
>     > thanks,
>     >
>     >
>     > David E DeMarle
>     > Kitware, Inc.
>     > R&D Engineer
>     > 21 Corporate Drive
>     > Clifton Park, NY 12065-8662
>     > Phone: 518-881-4909 <tel:518-881-4909>
>     >
>     > On Tue, Jun 28, 2016 at 9:39 AM, Michael Grabietz
>     > <michael.grabietz at img-online.de
>     <mailto:michael.grabietz at img-online.de>
>     <mailto:michael.grabietz at img-online.de
>     <mailto:michael.grabietz at img-online.de>>>
>     > wrote:
>     >
>     >     Hello,
>     >
>     >     I just downloaded the vtk7-Installer for Windows. I want to
>     install vtk
>     >     under Windows 10. Kaspersky Internet Security 2016 is running
>     on the PC.
>     >
>     >     I used the following installer:
>     >
>     >   
>      http://www.vtk.org/files/release/7.0/vtkpython-7.0.0-Windows-64bit.exe
>     >
>     >     Kaspersky 2016 is up to date.
>     >
>     >
>     >     When I start the installer Kaspersky reports an issue with the
>     file. A
>     >     virus was detected. Name or type of the virus is reported as
>     >     'UDS:DangerousObject.Multi.Generic'.
>     >
>     >     When VTK 7.0.0 is installed Kaspersky reports every *.pyd file
>     in the
>     >     directory C:\Program Files\VTK 7.0.0\bin\Lib\site-packages\vtk as
>     >     infected by 'UDS:DangerousObject.Multi.Generic' too. 85 files were
>     >     quarantined.
>     >
>     >     vtkChartsCorePython.pyd                   Date: 2016-01-28 21:00
>     >     vtkCommonColorPython.pyd                  Date: 2016-01-28 20:55
>     >     vtkCommonComputationalGeometryPython.pyd
>     >     ...
>     >     vtkViewsInfovisPython.pyd
>     >
>     >
>     >     I checked these files on various computers running different virus
>     >     scanners like F-Secure and even Kaspersky 2015 (not 2016!)
>     with up to
>     >     date data bases. They don't complain.
>     >
>     >     Further I checked vtkChartsCorePython.pyd on the Kaspersky
>     Site. There
>     >     is a possibility to upload files for checking. It is reported as
>     >     infected. Maybe somebody can give it a try and uploads one of
>     these pyd
>     >     files to the Kaspersky site to verify this behaviour.
>     >
>     >     I hope it is a false positive. Do you had already some similar
>     issues
>     >     like that? I am rather confused, since I cannot find any suitable
>     >     information in the web about this issue.
>     >
>     >
>     >     Best regards, Michael
>     >
>     >     _______________________________________________
>     >     Powered by www.kitware.com <http://www.kitware.com>
>     <http://www.kitware.com>
>     >
>     >     Visit other Kitware open-source projects at
>     >     http://www.kitware.com/opensource/opensource.html
>     >
>     >     Please keep messages on-topic and check the VTK FAQ at:
>     >     http://www.vtk.org/Wiki/VTK_FAQ
>     >
>     >     Search the list archives at: http://markmail.org/search/?q=vtkusers
>     >
>     >     Follow this link to subscribe/unsubscribe:
>     >     http://public.kitware.com/mailman/listinfo/vtkusers
>     >
>     >
> 
>     --
>      Michael Grabietz
> 
>      IMG - Ingenieurbuero Michael Grabietz
>      Stauferring 56
>      97941 Tauberbischofsheim
>      Germany
> 
>      Fon: +49 9341 89 66 70 <tel:%2B49%209341%2089%2066%2070>
>      Fax: +49 9341 89 66 71 <tel:%2B49%209341%2089%2066%2071>
> 
>      michael.grabietz at img-online.de <mailto:michael.grabietz at img-online.de>
>      www.img-online.de <http://www.img-online.de>
> 
> 
> 

-- 
 Michael Grabietz

 IMG - Ingenieurbuero Michael Grabietz
 Stauferring 56
 97941 Tauberbischofsheim
 Germany

 Fon: +49 9341 89 66 70
 Fax: +49 9341 89 66 71

 michael.grabietz at img-online.de
 www.img-online.de

More information about the vtkusers mailing list