Some people have reported getting a virus warning when downloading or running Blender 2.71. As it turns out, this is caused by a filename in the numpy module.
Juicyfruit writes:
The problem stems from the fact that our numpy is unique and its filenames are abused by known malware. Our unique and thus unknown file with a suspicious name ( although it is part of numpy which a very well known library for use with python) this might cause the anti virus vendor to flag it is potentially bad.
21 Comments
Wait, so simply *naming* a file "scalarmath" is all it takes to set off virus software? That's just so wrong.
unfortunately.
and with that particular one shown(Avast!) I've set it off just by having certain variable or class names in a piece of code.
Yes if you put those files a zip you might trigger it. The compression on the installer is different and even though the same exact file is in there the anti virus handles that as one file and seems to not know ho to list the files in the installer. Keep in mind that in the case of relatively obscure filenames the malware may well have more copies in the wild then numpy has. And as a result this behaviour can actually prevent people from getting infected. I would not be surprised if they flag this file as bad unless it is in a list of known good ones.
Has anyone contacted Avast to add the file to their whitelist?
since I use Vipre and I haven't really had a naming problem like this before (some obscure naming issues on uncommon software set off a warning once or twice but nothing major). while I was using MacAfee I had problems such as it not letting me run batch files with strange names like Binvox (binary voxelizer) VRAD, VVIS, and VBSP (Valve radiosity simulator, Valve Visibility Group compiler, and Valve Binary Space Partition generator which are all recognized source game development utilities made by Valve Software) and even the Dell Self Updater was identified a Trojan horse (which is insane because both the Dell self updater and MacAfee antivirus came preinstalled on the computer). even though MacAfee is considered one of the good Antivirus software packages anything set it off for me. I guess cheap antivirus is cheap for a reason (usually if its the one that comes with the computer its no good.)
MacAfee is only good in the way that M(a)cDonalds is "good" -- it's been around a long time and everybody talks about it, and so now it's just coasting on "how many billion served."
Probably because we had it shoved down our thought when we bought the computer.
That is twice as true on windows, try renaming any program as "update.exe", even if it is just a "hello world" written in C or something like that, UAC will go berserk, wanting administrator privileges and all that....
Windows UAC reacts to programs named "update", "install" and "setup" as a way to help legacy (pre-Vista) software function correctly. The pre-Vista software doesn't know it has to ask for privilege to change or install program files so the UAC assumes files with these names will want to addchange program files and asks for them. It is not because it thinks there's a virus.
Nice to learn there is an actual technical reason for this, I always thought it was just over-zealousness from Microsoft (btw, I got nothing against windows, or any other system for that matter)
It's like they say, you learn something everyday :-)
Yeah, has got it =)
I can't download zip, but downloading exe gave no problem.
My friend joked that Blender's crack is, probably, infected this time... )
Вот так мы умеем троллить антивирусники.
А ещё программисты называются.
Also it might be good to note that Blender will function perfectly ( everything except numpy ) without this file.
no, our sverchok now binded with numpy tightly
OK you got me there. But since we only ship numpy for a few releases the mayority of blender users would not notive numpy not working properly.
it will increase - usage of numpy has benefits, that cover all discomfort.
what is virus? i'm using Linux here XD
virus under linux - is reality )) just install clamAV
ClamAV is primarly there to find Windows Viruses. For example on a mail server, file server and so on. That doesn't mean by the way that i don't argue that there not exists any viruses. There exists, but ClamAV is not there to protect a Linux system like a Virus Scanner on a windows system.
Sounds insane. Who on earth will in good mental health identify virus by it's filename?
We really need a new modeling contest... "Model a Numpy"