Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Avast thinks nVidia driver package contains a rootkit

21 Jun 2014   #1
TVeblen

Microsoft Community Contributor Award Recipient

Windows 7 64 Bit Home Premium SP1
 
 
Avast thinks nVidia driver package contains a rootkit

Interesting. I ignored it.

*




Attached Images
Avast thinks nVidia driver package contains a rootkit-capture.jpg 
My System SpecsSystem Spec
.
21 Jun 2014   #2
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Probably a false positive, but why not run TDSSkiller?

Malware Remediation - Scan for Rootkits
or

Kaspersky download site: Anti-rootkit utility TDSSKiller
My System SpecsSystem Spec
21 Jun 2014   #3
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

TV some more you can try mate
Best Free Rootkit Scanner and Remover - Avast has one in here too.
My System SpecsSystem Spec
.

22 Jun 2014   #4
TVeblen

Microsoft Community Contributor Award Recipient

Windows 7 64 Bit Home Premium SP1
 
 

Thanks gents.
I believe it to be a false positive too, something for nVidia and Avast to work out.
I ran an Avast boot scan and a full general scan afterward and nothing came up.

But I will run one of those suggested programs too, just to be sure. Not today though, leaving in one hour.
My System SpecsSystem Spec
22 Jun 2014   #5
andrew129260

Windows 10 Pro
 
 

It most likely is a false positive.


Virustotal is your friend.

Herd protects last known scan of the item commonly found in that location with that name:

Malware scan of nvhda64v.sys (NVIDIA HDMI Audio Driver) a67cfe443588e8d7427b3b7c76d88726ef8b1f3a - herdProtect

All good.

You can use that info to match the md5 and other variables if you are unsure. Although it is possible for malware to lie about its md5 hash. But that's another story.

Also wanted to add, avast starts out with the letters svc in that warning. Avast is telling you it is also running as a service. I am not sure how obvious it is to others so I thought I would add this info just in case.
My System SpecsSystem Spec
22 Jun 2014   #6
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Quote   Quote: Originally Posted by andrew129260 View Post
It most likely is a false positive.


Virustotal is your friend.

Herd protects last known scan of the item commonly found in that location with that name:

Malware scan of nvhda64v.sys (NVIDIA HDMI Audio Driver) a67cfe443588e8d7427b3b7c76d88726ef8b1f3a - herdProtect

All good.

You can use that info to match the md5 and other variables if you are unsure. Although it is possible for malware to lie about its md5 hash. But that's another story.
Good point Andrew had forgotten about them - Virustotal
My System SpecsSystem Spec
22 Jun 2014   #7
TVeblen

Microsoft Community Contributor Award Recipient

Windows 7 64 Bit Home Premium SP1
 
 

Thanks again. I think that is cleared up.
Sorry, no love for either of you due to rep limit.
My System SpecsSystem Spec
22 Jun 2014   #8
andrew129260

Windows 10 Pro
 
 

I would also make sure to report it to avast as a false positive.

http://www.avast.com/contact-form.php

or post in the forum here:

https://forum.avast.com/index.php?board=2.0
My System SpecsSystem Spec
Reply

 Avast thinks nVidia driver package contains a rootkit




Thread Tools




Similar help and support threads
Thread Forum
Integrate a Driver *Package* into an installation disk
Does anybody know how to either: a) integrate a Driver *Package* into an installation disk, in particular the MS NVMe Hotfix (Windows6.1-KB2990941-v3-x64.msu)? OR b) figure out which internal package (there are 87 of them) inside the Driver Package is the one the system used? System: Windows...
Installation & Setup
avast: winsxs rootkit detected. help?
The other day my computer started acting very strange, i knew i caught a virus somewhere just not sure where. I decided to go the simple way and just reformat. After the format and all the updates applied i found my PC ran very poorly. Did a scan with avast! free and found this: ...
System Security
Avast Found Rootkit - TrustedInstaller.exe
I have a 2 day old install has had limited Internet contact to only install updates and AV/Firewall/Malware software. Avast prompted me with a Rootkit Found message pointing to C:\Windows\servicing\TrustedInstaller.exe. I ran Avast and Emsisoft Anti-Malware on the file in that location showing it...
System Security
Rootkit found -- avast! 5
Hello! avast! 5 found a Rootkit: :( C:\Windows\system32\drivers\ccdcmb.sys and C:\Windows\system32\drivers\ccdcmbo.sys Please help me what do I do?? and.... Is avast 5 really compatible with Windows 7? Some say they get the "Blue-screen Error" :)
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 08:27.
Twitter Facebook Google+