Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Avast thinks nVidia driver package contains a rootkit

21 Jun 2014   #1
TVeblen

Microsoft Community Contributor Award Recipient

Windows 7 64 Bit Home Premium SP1
 
 
Avast thinks nVidia driver package contains a rootkit

Interesting. I ignored it.

*




Attached Images
 
My System SpecsSystem Spec
.
21 Jun 2014   #2
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Probably a false positive, but why not run TDSSkiller?

Malware Remediation - Scan for Rootkits
or

Kaspersky download site: Anti-rootkit utility TDSSKiller
My System SpecsSystem Spec
21 Jun 2014   #3
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

TV some more you can try mate
Best Free Rootkit Scanner and Remover - Avast has one in here too.
My System SpecsSystem Spec
.

22 Jun 2014   #4
TVeblen

Microsoft Community Contributor Award Recipient

Windows 7 64 Bit Home Premium SP1
 
 

Thanks gents.
I believe it to be a false positive too, something for nVidia and Avast to work out.
I ran an Avast boot scan and a full general scan afterward and nothing came up.

But I will run one of those suggested programs too, just to be sure. Not today though, leaving in one hour.
My System SpecsSystem Spec
22 Jun 2014   #5
andrew129260

Windows 7 Professional x64 Sp1
 
 

It most likely is a false positive.


Virustotal is your friend.

Herd protects last known scan of the item commonly found in that location with that name:

Malware scan of nvhda64v.sys (NVIDIA HDMI Audio Driver) a67cfe443588e8d7427b3b7c76d88726ef8b1f3a - herdProtect

All good.

You can use that info to match the md5 and other variables if you are unsure. Although it is possible for malware to lie about its md5 hash. But that's another story.

Also wanted to add, avast starts out with the letters svc in that warning. Avast is telling you it is also running as a service. I am not sure how obvious it is to others so I thought I would add this info just in case.
My System SpecsSystem Spec
22 Jun 2014   #6
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Quote   Quote: Originally Posted by andrew129260 View Post
It most likely is a false positive.


Virustotal is your friend.

Herd protects last known scan of the item commonly found in that location with that name:

Malware scan of nvhda64v.sys (NVIDIA HDMI Audio Driver) a67cfe443588e8d7427b3b7c76d88726ef8b1f3a - herdProtect

All good.

You can use that info to match the md5 and other variables if you are unsure. Although it is possible for malware to lie about its md5 hash. But that's another story.
Good point Andrew had forgotten about them - Virustotal
My System SpecsSystem Spec
22 Jun 2014   #7
TVeblen

Microsoft Community Contributor Award Recipient

Windows 7 64 Bit Home Premium SP1
 
 

Thanks again. I think that is cleared up.
Sorry, no love for either of you due to rep limit.
My System SpecsSystem Spec
22 Jun 2014   #8
andrew129260

Windows 7 Professional x64 Sp1
 
 

I would also make sure to report it to avast as a false positive.

http://www.avast.com/contact-form.php

or post in the forum here:

https://forum.avast.com/index.php?board=2.0
My System SpecsSystem Spec
Reply

 Avast thinks nVidia driver package contains a rootkit




Thread Tools




Similar help and support threads
Thread Forum
avast: winsxs rootkit detected. help?
The other day my computer started acting very strange, i knew i caught a virus somewhere just not sure where. I decided to go the simple way and just reformat. After the format and all the updates applied i found my PC ran very poorly. Did a scan with avast! free and found this: ...
System Security
Avast Found Rootkit - TrustedInstaller.exe
I have a 2 day old install has had limited Internet contact to only install updates and AV/Firewall/Malware software. Avast prompted me with a Rootkit Found message pointing to C:\Windows\servicing\TrustedInstaller.exe. I ran Avast and Emsisoft Anti-Malware on the file in that location showing it...
System Security
Rootkit found -- avast! 5
Hello! avast! 5 found a Rootkit: :( C:\Windows\system32\drivers\ccdcmb.sys and C:\Windows\system32\drivers\ccdcmbo.sys Please help me what do I do?? and.... Is avast 5 really compatible with Windows 7? Some say they get the "Blue-screen Error" :)
System Security
Win7 clean install - is Chipset driver package needed?
I have done a number of Win7 clean installs on desktops. So far I have found no need for installing the vendor specific chipset drivers. All devices have, so far, been recognized, and for the most part a basic driver has been installed with Win7. Secondary vendor specific drivers are sometimes...
Installation & Setup
Windows Update bundles driver with software package?
So I downloaded the latest driver for Intel 4500MHD integrated graphics for my laptop from windows update (which it did automatically after installing Windows 7) and I found out that it isn't just the display driver... its also the software package for display settings etc. from Intel. I don't want...
Windows Updates & Activation


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:52.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App