2 Replies Latest reply on Nov 20, 2017 3:00 AM by david_leslie

    Malware in XENTPVX.2.2_esdm_win32.zip

    wilbur.harvey@cohere-technologies.com

      We attempted to download the XENTPVX.2.2_esdm_win32.zip file from the support site.

      We were using the current version of Chrome, which now seems to have an antivirus checker; the download failed with a virus warning.

      We then successfully downloaded the file using Firefox.

      We then ran an antivirus scan using our Sophos anti-virus checker which claimed that SVX_DEFAULT-SVX_CONN_SOCK.dll was infected with "Mal/Generic-S".

      We filed a trouble ticket with Mentor; they (quickly) replied that they do not have viruses or malware in their downloads, that we must have been infected via some other method.

      Our systems were not infected; only the download file contained the malware.

       

      Two different threat detection systems think that there is malware in the download.

      I don't have any idea what the actual threat is.

       

      Just be cautious.

        • 1. Re: Malware in XENTPVX.2.2_esdm_win32.zip
          m.ziembicki

          I also got a malware warning from Windows Defender on two separate PCs, for the exact same file. Once it is reported as "Trojan:Win32/Tiggre!plock" and the other PC reports it as "Trojan:Win32/Bitrep.A". Strangely enough, the file is digitally signed by Mentor and the signature is OK - so I wonder if it is a fake warning or the file is indeed infected...

          • 2. Re: Malware in XENTPVX.2.2_esdm_win32.zip
            david_leslie

            Hello,

             

            There have been a couple of reports recently of anti-virus utilities reporting problems in the "dll" files within the ...\SVX\ixn folder when installing Xpedition AMS (previously known as System Vision).

            Our engineering team is working to ensure that those files don’t get quarantined.

            Those files are not needed for regular Xpedition AMS functions, and are only used by Xpedition AMS conneXion (SVX). If your virus checker removes the dll file, only the conneXion tool will be affected - you can continue to use Xpedition AMS without any problem.

             

            Regards,

            David