Virus Alert during installation

I got several virus alerts during installation. I saw that this has already been an issue in the past for several years already. Isn’t there a way to solve this issue?

Bitdefender hat mehrere Bedrohungen in die Quarantäne verschoben.
Dateiname: C:\Users\andre\AppData\Local\Temp\org.knime.product_4.2.1.v2020090209173876444562177361468.jar.
Dateiname: C:\Users\andre\AppData\Local\Temp\signatureFile3534319757552716199.jar.
Dateiname: C:\Program Files (x86)\KNIME\features\org.knime.features.product_4.2.1.v202009020917\p2.inf.
Dateiname: C:\Program Files (x86)\KNIME\features\org.knime.features.base_4.2.2.v202009020812\p2.inf.
Dateiname: C:\Program Files (x86)\KNIME\plugins\org.knime.product_4.2.1.v202009020917\META-INF\p2.inf.
Dateiname: C:\Program Files (x86)\KNIME\plugins\org.knime.product_4.2.1.v202009020917\lib\tagsoup-1.2.1.jar.
Wir empfehlen einen System-Scan, um sicherzustellen, dass das System virenfrei

I added the “C:\Program Files (x86)\KNIME” to the exceptions folder, which means, my Bitdefender virus scanner won’t scan there. It didn’t change anything: KNIME is blocked and put into quarantine each time by my Bitdefender virus scanner.

The only option is to completely switch Bitdefender off, which is ridiculous in my opinon.

Probably most useres here are using different virus scanners. Kaspersky? Norton? Probably I am the only one who uses Bitdefender and who gets constantly Virus and Malware alerts when running KNIME.

I am really surprised, that this behaviour is an issue, which had been reported over years now from different KNIME users. I am surprised, because to me this seems not to be the most professional way to release a software tool. What are you doing here?

Hi @andeastraut -

Sorry for the trouble. It looks like you’ve already tried the first thing I would have suggested, which is to add KNIME to the Bitdefender exceptions list. I’m a little surprised that’s not having an effect.

As you mention, this type of false positive doesn’t seem to be an issue with other virus scanning programs. Beyond asking Bitdefender to stop flagging the exe, we may be limited in what we can do. I can ask someone on our development team to see if they know more.

I did take a look and can’t tell why BitDefender is so picky. It’s interesting to note that they also find plain text files suspicious and put them into quarantine, for instance org.knime.product_4.2.1.v202009020917\META-INF\p2.inf which contains these lines (hopefully also in your case?):

# The httpcomponents plug-in requires org.apache.commons.codec but does so via a package import. Buckminster
# is not able to resolved package imports therefore we add an explicit dependency here.

Submitting false positives to BitDefender seems straightforward (As they say: “Bitdefender may on occasion mistakenly flag a safe website or a legitimate file as a threat”). They also require the “detection name as it appears in your Bitdefender”, which I don’t have. Maybe you can fill that out and see what happens (or send details and we try that).

The main executable (knime.exe) should have this md5 hash - can you confirm you find this in your installation also?

We run virus scanners as part of our build process. Unfortunately BitDefender ist not part of that as we don’t come across it that often (I find two hits in the forum, one of which is this thread).

Hope this helps!
– Bernd


I deleted everything and downloaded the installation file again. The name is “KNIME 4.2.2 Installer (64bit)(1).exe”. Checksum is: 4525961b613f51140c81a9fff2a8b348 knime 4.2.2 installer (64bit)(1).exe

And after installation the “knime.exe” has the following (correct) checksum:
c7e708dd1fcf1f885f2e2bb59f1e3201 knime.exe

For the moment it seems to work and I don’t see Bitdefender alerts. I will do some tests and let you know when Bitdefender is causing more troubles.

1 Like

This topic was automatically closed 182 days after the last reply. New replies are no longer allowed.