Solved Avast thinks nVidia driver package contains a rootkit

TVeblen

Interesting. I ignored it.

Attachment: Capture.JPG

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Home Built - Jan 2013
OS
Windows 7 64 Bit Home Premium SP1
CPU
i7-3820
Motherboard
Asus P9X79-PRO - Bios 4608
Memory
GSkill F3-14900CL9Q - 16GB
Graphics Card(s)
EVGA GeForce GTX660 - Driver 352.86
Sound Card
On board Realtek ALC898
Monitor(s) Displays
Acer S271HL
Screen Resolution
1920 x 1080
Hard Drives
#1- Samsung 840 Pro Series
#2- Western Digital WD1002FAEX Sata3 Black
#3- Western Digital WD1002FAEX Sata3 Black
PSU
Corsair CMPSU-850TX-V2 - 850 watt (by Seasonic)
Case
Corsair Obsidian 550D
Cooling
Standard 3 120mm case fans, Cooler Master Hyper 212 EVO
Keyboard
MS KC-0405
Mouse
Intellimouse 5-button
Internet Speed
56 Mbits/Sec (on a good day)
Antivirus
Avast & Malwarebytes
Browser
Firefox
Other Info
Asus DVD - DRW-24B1ST 24X

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
HP Pavilion dv6-6c10us
OS
x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
CPU
AMD A6-3420M APU with Radeon(tm) HD Graphics
Motherboard
Hewlett-Packard 1805
Memory
6.00 GB
Graphics Card(s)
AMD Radeon(TM) HD 6520G
Sound Card
(1) AMD High Definition Audio Device (2) IDT High Definiti
Monitor(s) Displays
HP W2072a 20" LCD (1600 x 900) @ 60 Hz
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
ST640LM0 00 HM641JI SATA Disk Device
Keyboard
Logitech k520 wireless KB
Mouse
Logitech m320 wireless mouse (bundled with KB)
Internet Speed
15/5 | 54 MB Wireless 'n'
Antivirus
Realtime: Defender or Avast | On-demand: Malwarebytes, ESET
Browser
IE 11 on Win8, IE 10 on win 7
Other Info
Media: [Gimp, Audacity, VLC] || Comm: [WEmail 2012, Skype] || Productivity: [OpenOffice,| Textpad] || Utils: [Sysinternals, cCleaner, Speccy, Defraggler]

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Own build (new) Desk1 / Asus ROG Win 7 / Desk2 1st build
OS
Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
CPU
Desk1 i5 3750K / Laptop i7 GTX 860M / Desk2 i5 2500
Motherboard
Desk1 Asus P877-V / Desk2 Gigabyte H67 UD3H / Laptop ?
Memory
Desk1 8GB (1866) / Desk2 16GB (1333) / Laptop 8Gb DDR3
Graphics Card(s)
Desk 1& 2NVidia GTX 650 & Laptops on board Intel
Sound Card
Desk 1 & 2 -XONAR DG Realtek High Def audio Laptop
Monitor(s) Displays
Desk 1 Benq HD 2450 / Desk2 Philips 24" / Laptop 17.5"
Screen Resolution
1920x1080 D1 & D2 & Laptop 1
Hard Drives
Desk1 Samsung 120GB 830 SSD
Asus ROG 256GB 850 Pro SSD
Desk2 Samsung 840 256 SSD
Toshiba 120GB EVO
PSU
Desk 1 Corsair HX 1050/ Laptop ? / Desk 2 Corsair HX 650
Case
Desk 1 Cooler HAF XM ? Toshiba laptop / Desk2 Coolermaster
Cooling
Fans on all Desk1 -2 Desk2 - all Coolermasters 5 Laptop ?
Keyboard
Desk 1 MS Sidewinder X6 Desk 2 MS Sidewinder X 4
Mouse
Desk 1&2 - Gigabyte MS 900 gamer - laptop - Logitec wireless
Internet Speed
ADSL2+
Other Info
One other Desktop (tester) and spare Toshba laptop both with SSD's
Running Kaspersky 2016 ISS on all machines config'd identically
Logitec audio stereo systems on each machine (x3)
Canon MG5250MFC
Router/modem TP-Link running WPA2SK
Thanks gents.
I believe it to be a false positive too, something for nVidia and Avast to work out.
I ran an Avast boot scan and a full general scan afterward and nothing came up.

But I will run one of those suggested programs too, just to be sure. Not today though, leaving in one hour.
 

It most likely is a false positive.


VirusTotal is your friend.

herdProtect's last known scan of the item commonly found in that location with that name:

Malware scan of nvhda64v.sys (NVIDIA HDMI Audio Driver) a67cfe443588e8d7427b3b7c76d88726ef8b1f3a - herdProtect

All good.

You can use that info to match the md5 and other variables if you are unsure. Although it is possible for malware to lie about its md5 hash. But that's another story.

Also wanted to add, Avast starts out with the letters svc in that warning. Avast is telling you it is also running as a service. I am not sure how obvious it is to others so I thought I would add this info just in case.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Built
OS
Windows 10 Pro
CPU
AMD Ryzen 5 2400G Processor with Radeon RX Vega 11 Graphics
Motherboard
ASRock X470 Master SLI/AC AM4 AMD Promontory X470 SATA 6Gb/s
Memory
G.SKILL Ripjaws V Series 16GB (2 x 8GB) 288-Pin DDR4 SDRAM D
Graphics Card(s)
2047MB NVIDIA GeForce GTX 1060 6GB (EVGA)
Sound Card
Motherboard Built in
Monitor(s) Displays
Acer R240HY bidx 23.8-Inch IPS HDMI DVI VGA (1920 x 1080) Wi
Screen Resolution
1920 x 1080
Hard Drives
1TB Sandisk SSD PLUS (Main drive)
500 GB Seagate 7200 RPM (Games)
500 GB Western Digital 7200 RPM (Virtual Machines)
PSU
CORSAIR TX Series TX650M 650W 80+ Gold Modular Power Supply
Case
CORSAIR CARBIDE SPEC-02 Mid-Tower Gaming Case, Red LED Fan
Cooling
220mm, two 120mm, and four 60mm fans
Keyboard
Wired Dell keyboard
Mouse
Wireless Logitech mouse
Internet Speed
250mb down, 30mb up
Antivirus
Panda Cloud Antivirus
Browser
Chrome-ish x64
Other Info
You're awesome for reading this.
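
Added example (not part of the original posts): a PowerShell function that checks a file on disk against a digest copied from a scan report, choosing MD5, SHA-1 or SHA-256 from the digest's length; the 40-character value in the herdProtect title above has the length of a SHA-1 digest. The function name `Test-FileDigest` and the temporary sample file are assumptions made for the illustration, and `Get-FileHash` needs PowerShell 4.0 or later.

```powershell
# Added example: compare a file's digest with a reference digest from a scan report.
# Test-FileDigest is a hypothetical helper name, not a built-in cmdlet.
function Test-FileDigest {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $Reference
    )

    # Normalise the reference: drop whitespace, upper-case to match Get-FileHash output.
    $ref = ($Reference -replace '\s', '').ToUpperInvariant()
    if ($ref -notmatch '^[0-9A-F]+$') {
        throw "Reference digest is not hexadecimal: $Reference"
    }

    # Infer the algorithm from the number of hex characters in the reference.
    $algorithm = switch ($ref.Length) {
        32      { 'MD5' }
        40      { 'SHA1' }
        64      { 'SHA256' }
        default { throw "Unrecognised digest length: $($ref.Length) hex characters" }
    }

    $actual = (Get-FileHash -LiteralPath $Path -Algorithm $algorithm).Hash

    [pscustomobject]@{
        Path      = $Path
        Algorithm = $algorithm
        Expected  = $ref
        Actual    = $actual
        Match     = ($actual -eq $ref)
    }
}

# Constructed sample: a small temporary file stands in for the flagged driver.
$sample = Join-Path $env:TEMP 'digest-demo.bin'
[System.IO.File]::WriteAllBytes($sample, [byte[]](1..16))

# Constructed reference: the sample's own SHA-1, standing in for the digest a report lists.
$known = (Get-FileHash -LiteralPath $sample -Algorithm SHA1).Hash

Test-FileDigest -Path $sample -Reference $known        # reference equals the file's digest
Test-FileDigest -Path $sample -Reference ('0' * 40)    # reference differs from the file's digest

Remove-Item -LiteralPath $sample
```

To check a real file, pass its path and the digest shown in the report. A match shows only that the file is byte-for-byte the one that was scanned.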
Good point Andrew, had forgotten about them - VirusTotal :o
 

Thanks again. I think that is cleared up.
Sorry, no love for either of you due to rep limit.
 
