LabVIEW

---

KO7Z wrote:
Our Symatec Anti-Virus is reporting a Trojan on disk 2 of the August 08 download. It happens more than one machine, so we know it isn't machine related. (DCD-AUG08-2.EXE)

---

Hi KO7Z,

 

 There is no virus on that disk (I'm assuming the disk was shipped directly from National Instruments). Symantec is mistakenly identifying that file as a trojan. We've seen some issues in the past when Symantec recognized some of our software as viruses, but not with this particular file. 

What edition and version of the antivirus do you have? Do you have all your definitions updated?

Also, you can submit a "false positive" to Symantec through this form

 

KO7Z,

 

I have several question for you as well.

 

1) is Symantec popping up during an installation, and it finds a trojan when on volume 2, or
2) is Symantec finding the trojan when the DCD-AUG08-2.EXE is downloaded from the web?
3) can you provide any more information at all? Such as the name of the trojan, what file the trojan was found in, etc?

 

Song D, Unforunately, I am not the engineer who installed this. However, I am in IT and monitor virus reports. There have been more than four of our engineers with this virus reported within a few days of each other. 1) I don't know if it is during an installation. The CD (or DVD) was copied to the drive C:, so it is possible that the virus came from somewhere else, but it didn't show up for our division until the files were copied to the C: drive or installed from the CD (DVD). 2) None of the people that installed this downloaded it from the web. 3) The name of the trojan was listed by Symantec as "Trojan Horse", which is a broad group of similar threats. Here is a copy of the line from the report as to the location of the file: C:\Program Files\National Instruments\RT Images\Utilities\BIOS Updater\13.1\7046\flashUpdate.exe It seems that someone else reported a similar thing in this forum. It could all be a false positive, since nothing has shown up before or since with those who updated. I understand that we are now at a higher level for most of our users with the 4th quarter 2008 updates. It seems that possibly the four or five that have had the report either copied the files to the C: dirve first, or tried to load it directly from the setup on the Cd (DVD). I will consider this to be a closed issue, and assume that it is a false positive. Thanks, KO7Z

Dear N.I.

 

This is a BIG deal.  I have the exact same problem.  NAV is identifying C:\Program Files\National Instruments\RT Images\Utilities\BIOS Updater\13.1\7046\flashUpdate.exe as a Trojan horse.  The problem is its in a networked classified system and the entire system has been brought down by security.  I've got engineers sitting on their thumbs. 

 

Turning off anti virus on these systems is not an option and any positive hit brings everything to a screeching halt.  Get in touch with Symantec and find out whats going on.

AVG, and Avast  found it too.

Robicheaux,

 

Just go and do a manual override in Symantec and do a special standing for those file if its that big of a problem.   If you have the network version; you can do a full change form the admin machine, and not have to go to every computer. 

 

Are you still running XP or Vista?

LabVIEW Real-Time Module customers experienced a similar issue last year. R&D was notified, managers were consulted, etc., etc. I contacted the manufacturers, who told me to have my customers submit false positive reports. In the end, an update was sent the following day and the problem was resolved.

 

Unfortunately, National Instruments PSEs are not subscribers of these various antivirus software packages and there is very little we can do except request you submit a false positive report to the antivirus manufacturer and await their response. As paid subscribers, your submissions are much more valuable than anything National Instruments can request.

 

Cheers.

Maybe NI PSE's should have a subscription to "these various anitvirus software packages"? Maybe they have a virus within their machine and software produced also contains the "trojan" or virus. I'm not accusing, just suggesting. In todays environment, security is more important than ever before and even if the PSE's aren't "in the world" they need to become highly sensitive to the customers' world.

so true