Avast thinks nVidia driver package contains a rootkit


  1. Posts : 6,292
    Windows 7 64 Bit Home Premium SP1
       #1

    Avast thinks nVidia driver package contains a rootkit


    Interesting. I ignored it.

    *
    Attached Thumbnails Attached Thumbnails Avast thinks nVidia driver package contains a rootkit-capture.jpg  
      My Computer


  2. Posts : 6,458
    x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
       #2

    Probably a false positive, but why not run TDSSkiller?

    Malware Remediation - Scan for Rootkits
    or

    Kaspersky download site: Anti-rootkit utility TDSSKiller
      My Computer


  3. Posts : 21,007
    Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
       #3

    TV some more you can try mate
    Best Free Rootkit Scanner and Remover - Avast has one in here too.
      My Computer


  4. Posts : 6,292
    Windows 7 64 Bit Home Premium SP1
    Thread Starter
       #4

    Thanks gents.
    I believe it to be a false positive too, something for nVidia and Avast to work out.
    I ran an Avast boot scan and a full general scan afterward and nothing came up.

    But I will run one of those suggested programs too, just to be sure. Not today though, leaving in one hour.
      My Computer


  5. Posts : 4,566
    Windows 10 Pro
       #5

    It most likely is a false positive.


    Virustotal is your friend.

    Herd protects last known scan of the item commonly found in that location with that name:

    Malware scan of nvhda64v.sys (NVIDIA HDMI Audio Driver) a67cfe443588e8d7427b3b7c76d88726ef8b1f3a - herdProtect

    All good.

    You can use that info to match the md5 and other variables if you are unsure. Although it is possible for malware to lie about its md5 hash. But that's another story.

    Also wanted to add, avast starts out with the letters svc in that warning. Avast is telling you it is also running as a service. I am not sure how obvious it is to others so I thought I would add this info just in case.
    Last edited by andrew129260; 22 Jun 2014 at 19:48.
      My Computer


  6. Posts : 21,007
    Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
       #6

    andrew129260 said:
    It most likely is a false positive.


    Virustotal is your friend.

    Herd protects last known scan of the item commonly found in that location with that name:

    Malware scan of nvhda64v.sys (NVIDIA HDMI Audio Driver) a67cfe443588e8d7427b3b7c76d88726ef8b1f3a - herdProtect

    All good.

    You can use that info to match the md5 and other variables if you are unsure. Although it is possible for malware to lie about its md5 hash. But that's another story.
    Good point Andrew had forgotten about them - Virustotal
      My Computer


  7. Posts : 6,292
    Windows 7 64 Bit Home Premium SP1
    Thread Starter
       #7

    Thanks again. I think that is cleared up.
    Sorry, no love for either of you due to rep limit.
      My Computer


  8. Posts : 4,566
    Windows 10 Pro
       #8

    I would also make sure to report it to avast as a false positive.

    http://www.avast.com/contact-form.php

    or post in the forum here:

    https://forum.avast.com/index.php?board=2.0
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 03:26.
Find Us