KNIME extensions with PUA Malwares

Hello, my antivirus finds the PUA software in my Text processing extension.

Stage:

Linux; Debian Stretch (latest version, clean environment)
KNIME 3.7.2 installed today.

Step 1; Check viruses and malware → OK clean environment
Step 2: Install KNIME 3.7.2 from the package available on the web ‘knime_3.7.2.linux.gtk.x86_64.tar.gz’
Step 3: Check for viruses and malware in the folder. KNIME → NO OK, a threat detected.
Step 4: check for viruses and malware in my workspace (my backup) → OK, there is no information
Step 5: Enter KNIME and load my workspace.
Step 6: KNIME asks to install missing extensions (Word Processing, etc) → Installation OK.
Step 7: Leave Knime
Step 8: Check for viruses and malware in the folder. KNIME → NO OK, 6 threats detected.

ClamTk, v5.24
Wed May 29 15:57:03 2019
Definiciones de ClamAV: 6150182
Carpetas analizadas:
/home/iamai/Data Science/App/knime/knime_3.7.2/plugins
/home/iamai/Data Science/App/knime/knime_3.7.2/plugins/org.knime.base_3.7.2.v201904170949
/home/iamai/Data Science/App/knime/knime_3.7.2/plugins/org.knime.binary.jre.linux.x86_64_1.8.0.152-01/jre/lib/ext
/home/iamai/Data Science/App/knime/knime_3.7.2/plugins/org.knime.ext.textprocessing.models_2016.11.23.v201810040749/stanfordmodels/pos

Encontrados 6 posibles amenazas (4240 archivos analizado).

/home/iamai/Data Science/App/knime/knime_3.7.2/plugins/org.knime.ext.textprocessing.models_2016.11.23.v201810040749/stanfordmodels/pos/wsj-0-18-bidirectional-distsim.tagger PUA.Win.Tool.Hacktool-1840
/home/iamai/Data Science/App/knime/knime_3.7.2/plugins/org.knime.ext.textprocessing.models_2016.11.23.v201810040749/stanfordmodels/pos/english-bidirectional-distsim.tagger PUA.Win.Tool.Hacktool-1840
/home/iamai/Data Science/App/knime/knime_3.7.2/plugins/org.knime.ext.textprocessing.models_2016.11.23.v201810040749/stanfordmodels/pos/wsj-0-18-bidirectional-nodistsim.tagger PUA.Win.Tool.Hacktool-1840
/home/iamai/Data Science/App/knime/knime_3.7.2/plugins/org.knime.base_3.7.2.v201904170949/knime-base.jar PUA.Andr.Adware.Dowgin-6888245-0
/home/iamai/Data Science/App/knime/knime_3.7.2/plugins/org.knime.binary.jre.linux.x86_64_1.8.0.152-01/jre/lib/ext/jfxrt.jar PUA.Andr.Adware.Dowgin-6888245-0
/home/iamai/Data Science/App/knime/knime_3.7.2/plugins/net.sf.jni-inchi_0.8.0.jar PUA.Win.Downloader.Aiis-6803892-0

What should I do? I have had a strange and erratic behavior of my hard drive when running KNIME with these extensions.

Tnks
.

Hey @jpg,

that looks strange. We always do virus scans before shipping new software. Which anti virus tool do you use?

Best regards,

Julian

ClamTk, v5.24 for Linux

Same for me when using Windows. Bitdefender says: “Malware recognized. Knime.exe. Blocked”.

Follow last post issue here: Virus Alert during installation