Fast6er 0 Posted February 11, 2017 in Cura 2.3.1 flagged by Virustotal Hi team- My new workplace has very stringent software security policies, including thorough inspection of software that hasn't previously been vetted. One of the steps is a Virustotal scan, and Cura 2.3.1 threw 4 flags. FWIW, 2.3.0 threw 2 flags. As such, I have no recourse to install the software on my corporate computer, which is a real downer. Is there anything that can be done to address these (assuming) false positives, or, (worst case) malicious code? Thanks in advance for any help or insight. Share this post Link to post Share on other sites
IRobertI 428 Posted February 11, 2017 in Cura 2.3.1 flagged by Virustotal If your workplace had competent IT people they would know that 4 positives on Virustotal doesn't really mean anything. Share this post Link to post Share on other sites
Fast6er 0 Posted February 13, 2017 in Cura 2.3.1 flagged by Virustotal If you knew who my employer was, you may revise your opinion Here's the report: linky As I mentioned, this is one metric of several they use, and these results make them wary. The responsibility lies on either me or Ultimaker to prove that Cura is safe to install and run. My experience is purely anecdotal across several machines and versions, and that's not worth much to them. Their suggestion was that I ask for Ultimaker's input. Share this post Link to post Share on other sites
DaHai8 67 Posted February 13, 2017 in Cura 2.3.1 flagged by Virustotal I find it a little odd that the file being analyzed is a win64 program, yet the Virustotal scan categorizes it as a win32 / 386 processor executible. Are they sure they analyzed the right file or are their catagories that far out of date? Share this post Link to post Share on other sites
nallath 530 Posted February 13, 2017 in Cura 2.3.1 flagged by Virustotal "Generic Trojan" -> there is fairly little we can do about this. We tried getting Cura listed on the whitelist of some of the virus scanner companies, but it's a lot of work getting it done with every single one of them. We suspect that it's the combination of Cura being able to send statistics (if you agree) and it using a local (socket) connection with the backend. What would it take to prove that it's safe? Show them the source code? That we can do! 2 Share this post Link to post Share on other sites
Fast6er 0 Posted February 13, 2017 in Cura 2.3.1 flagged by Virustotal Thanks for your responses. nallath, sending you a message Share this post Link to post Share on other sites