:Probable false positive detection in driver files?

SeaRaven · ‎06-18-2014

Downloaded the latest bundle of driver files from https://download.ni.com/support/softlib/driver_cd/2014_feb/dcd_Feb_14_1.exe via both a manual download and then again via the ni downloader. Both times, a check on the checksum showed valid after the download, but after extracting and scanning the files, the first download had 12 files showing as detected by Comodo with the Heur.Corrupt.PE@4294967295; the 2nd download showed 57 detections of the same trojan. I want to be sure this is in fact a false positive. I uploaded a few of the files to Virus Total and saw that they had already been analyzed before mine, none showed detections. Also put the files up on Metascan, same results. So I am guessing this is a potential issue with the type of packer used? Can I get a confirmation , as we can't move forward without that. Also, my apologies if this isn't exactly the correct forum to post this issue. Point me in the right direction for next time if this is incorrect. Many thanks everyone

Val F.

Blizzard · ‎06-19-2014

Hi SeaRaven,

I followed the path you mentioned to the driver files and downloaded them without receiving the same virus warnings you are experiencing. I do not believe that this ftp site has virus material and that you are seeing a false positive. If you want to update the software on your computer specifically, you can also use NI Update Service to help point you to the correct updates for your specific system. If you don't have NI Update Service, the download is below:

NI Updtate Service 2.3 :https://www.ni.com/en/support/downloads/software-products/download.update-service.html

Best regards,

Anna L

Applications Engineer
National Instruments

LabWindows/CVI

:Probable false positive detection in driver files?

:Probable false positive detection in driver files?

Re: :Probable false positive detection in driver files?