Hi there,
I’m facing an antivirus issue with Orthanc Transfers.
I have an standalone java app (Orthanc Tools) that include Orthanc binaries to deploy Orthanc for temporary session to benefit from it’s amazing anonymisation capabilities.
For this, the Java app copy the binaries into a temporary folder and then execute them from there.
I had a bug report for an user, at the binaries copy, the Orthanc Transfers plugin triggered the antivirus (Symantec) that recognized as a malware (see screen capture in attachment).
Interestingly, none of other binaries suffers for the same problem (I copy also orthanc.exe and orthancviewer dll and these files are not stopped by the antivirus)
As this (very nice!) Transfers plugin is the most recent of all, I was wondering if it can miss some signature/authentication with antiviruses or if there is some hope to see this problem disappear in the future ?
Best regards,
Salim
Hi Salim,
Unfortunately, there is not much we can do on our side: We use the same compilers for all the plugins, so there’s no reason for Symantec to consider this specific plugin as threat but not the others.
The only possibility is to get in touch with Symantec support to ask them why this file is put in quarantine.
Regards,
Sébastien-
Ok thanks for informations,
I filled a false positive report in symantec website and sent them the transfers.dll for analysis,
I will keep you updated,
Best regards,
Salim
Dear Sebastien,
Symantec had responded very fast ! Sounds that the problem should be solved.
Here the email I just recieved :
In relation to submission 147792.
Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:
File name: OrthancTransfers.dll
MD5: 75FEDAE4A61C6472C06B343D481E71A4
SHA256: 03531C2D88F47AC464DAEDB3FCFC43B826F1D308E8683AD76E4BBFC177ACE947
Note: Whitelisting may take up to 24 hours to take effect via Live Update
Best regards,
Salim
Great news! Thanks for your feedback 
Sébastien-