- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you provide me the exact URL where you downloaded the package or describe how you came to this download page.
Hubert.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I found the location you downloaded the Intel C++ Studio XE 2011 for Windows* today from. Let me investigate.
Hubert.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I couldn't find a problem so far. The checksum and filesize of the downloaded file should be:
>cksum.exe c_studio_xe_2011_update2_setup.exe
3383553630 933972144
Could you please compare with yours? If they match exactly it's definitely no malware problem since it's unpossible that a malware graps into the fileset without changing the checkum. Filesets posted on the Intel Registration Center are being checked diligently against any malware intrusion.
Could you please tell me the link that's included in the welcome message? Can you recall which the other download link was where you downloaded the c_studio_xe_2011_update2_setup.exe and where you found the virus alert druing installation?
Do you remember when esactly the virus alert popped up? Was it during file extraction or later?
Hubert.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Alternatively, until the investigation about the malware intrusion is clarified, you can download and install the 32-bit or 64-bit only packages:
checksum/filesize/filename:
1192786758 | 580989600 | c_studio_xe_2011_update2_ia32_setup.exe |
1729450580 | 673391840 | c_studio_xe_2011_update2_intel64_setup.exe |
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The full package includes both 32- and 64-bit products. The ia32 and intel64 packages contain the 32-bit and the 64-bit respecively only. It's just a matter of "overhead". If someone needs the 32- OR 64-bit only he can download and install the ia32 or intel64 package..
So for you the full package is the right one. But due to the possible malware problem in the full package you could alternatively download and install the 32- and the 64-bit packages.
I'm just testing Avira (and will run also other scanners).
Do you have a German Windows system?
Hubert.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fine. Thanks.
Yes, I have a German 64 bit Windows 7 ultimate system.
P.S:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I found the TR/Rootkit.Gen now too in the file c_studio_xe_2011_update2_setup.exe with an Avira scan. We'll investigate.
I'll check also the ia32 and intel64 subpackages.
I'm sorry for any inconvenience this may cause you.
Hubert.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I found the TR/Rootkit.Gen now too in the file c_studio_xe_2011_update2_setup.exe with an Avira scan. We'll investigate.
I'll check also the ia32 and intel64 subpackages.
I'm sorry for any inconvenience this may cause you.
Hubert.
It's ok. Unfortunately, I cannot work with the ia32 and intel64 subsystems.
Maybe a recompilation of the whole thing could be a solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thomas,
I did a lot of investigations and involved also our product engineering team and our finding is the following:
It's a false malware alert from Avira Antivirthat is being issued only when the malvare scan is done from a higher level of either the installation fileset or the installation of C++ Sutio XE. When you scan the file vtss.sys directly from within (default) c:\Program Files (x86)\Intel\VTune Amplifier XE 2011\bin64\sepdrv\Avira Antivir doesn'treportany virus findings. Pls. have a try.
My colleagues reported similar issues in the past with the VTune driver with Avira, but all of them turned out being false alerts.
I personally didn't try out other scanners than McAfee and Avira Antivir since I've spent already a lot of time in investigation. But my colleagues confirmed that the postings on the Intel Registration Center are malware-free. As long as the checksums of the downloaded files on your side match the list posted at http://software.intel.com/en-us/articles/intel-parallel-c-studio-xe-checksums/you can be sure to have a malware-free installation fileset.
So I'd suggest to install the full package c_studio_xe_2011_update2_setup.exe and ignore the malware alert. Would this be an acceptable solution for you?
Regards,
Hubert.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
"
Hubert H. said:
Currently, in my personal situation, I can live without the 32 bit version of vtss.sys, because even though
Thank you very much for investigating all the time in it. But it's not only my personal interest to work
So I think it was really worth to spend sufficient time on it, even though it could ultimately be in fact a false alarm. But this situation is simular to a Doctor tracking down suspicious clinical symptoms of his/her patients.In order to really exclude a malignant disease he/she sometimes must have performed many (partly very expensive) investigations (such as MRT etc.).
The worst thing which could happen to a programmer would be a spyware spying out
Hubert H. said:
"
(Once, just to tell you an anectode, my own programming code led to an Avira Antivir alert (on my own system during programming). I was sure that
I know that keeping track takes time. But meanwhile it might be better for someone dependent on the bin32-vtss.sys to maybe use the update 1 file(where Avira "says" that everything is ok) than using the questionable 32-bit version of vtss.sys.
Anyway, what is vtss.sys useful for? Do we really need it.
Just to give some further help for your colleagues.Here are the checksums of my two versions of vtss.sys:
bin32\
bin64\
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you very much for your follow up. Yes, I found the alert on the 32-bit vtss.sys too. The Avira AntiVir Guard popped up after I've installed the package saying that there is a possible malware in vtss.sys. So we will investigate further.
Hubert.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
there is also some good news. I've just tested VTune on a 32-bit system after having deleted
Thomas
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
vtss.sys isn't really required to operate the VTune Amplifier XE. It's useful for stability puposes under certain operation modes. Since the 32-bit vtss.sys is affected only you can delete that file from (default) c:\Program Files (x86)\Intel\VTune Amplifier XE 2011\bin32\sepdrv\ or let Avira Antivir repair the system.
So I think this will help you for now. We will follow up on investigation of the issue and I'll keep you advised.
Regards,
Hubert.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page