Author Topic: False positive? nvlddmkm.sys recognized as infected Win32:Vitro  (Read 14263 times)

0 Members and 1 Guest are viewing this topic.

ewoutdegraaf

  • Guest
False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« on: February 25, 2009, 12:13:00 PM »
My virus definitions have been updated yesterday, and today the Avast Home edition warned me that nvlddmkm.sys would be infected with Win32:Vitro.

I was shocked, because this is a very nasty virus, so i rebooted immediately and let Avast scan my pc on reboot. Only this file seemed to be infected, no other infections found.

So Avast has removed my file, and my Nvidia video driver does not function any more. Next step is downloading the latest NVidia drivers and reinstalling... but now Avast warns me AGAIN for this file thas was unpacked from the driver pack, even before installing it to the system.

Can anyone tell me if this is a false positive? I dare not reinstall the video drivers before i know this for sure.

Offline Maxx_original

  • Moderator
  • Super Poster
  • *
  • Posts: 1479
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #1 on: February 25, 2009, 12:38:56 PM »
fixed internally... it will come out with next VPS update..

Him

  • Guest
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #2 on: February 25, 2009, 02:47:25 PM »
 Could this virus have been the work of a disgruntled rogue related programmer?

liebach

  • Guest
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #3 on: February 25, 2009, 02:56:44 PM »
I have the same problem, hope it will be fixed soon (nvlddmkm.sys).

Offline Maxx_original

  • Moderator
  • Super Poster
  • *
  • Posts: 1479
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #4 on: February 25, 2009, 03:16:36 PM »
you can download the VPS, which resolves this issue, it was released few minutes ago..

Committed

  • Guest
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #5 on: February 25, 2009, 06:47:58 PM »
This may be my problem as well.  file showed infected by Win32:Vitro was nv_disp.inf_d5fff5df which is an NVIDIA driver.  I've banished it to my recycle bin and will download latest VPS update to check everything.

Offline Maxx_original

  • Moderator
  • Super Poster
  • *
  • Posts: 1479
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #6 on: February 25, 2009, 09:02:22 PM »
can you confirm the fix with the latest VPS?

danmaher

  • Guest
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #7 on: February 25, 2009, 09:45:24 PM »
what or where will i find this 'VPS update' ?

seems im having this problem with one file (so far nothing else appears to be infected)

Offline Maxx_original

  • Moderator
  • Super Poster
  • *
  • Posts: 1479
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #8 on: February 25, 2009, 09:47:52 PM »
right click the "a" icon in tray and select Updating -> iAVS Update..

Committed

  • Guest
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #9 on: February 25, 2009, 11:28:45 PM »
Everything's hunkie dorie.  ;D  Download latest VPS, scanned, everything's clean.  Downloaded the latest drivers for my Nvidia graphics card and installed.  All is good.  Gave me quite a scare.  That virus sounds real nasty. :o

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #10 on: February 26, 2009, 12:39:30 AM »
It certainly gets your attention ;D
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Committed

  • Guest
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #11 on: February 26, 2009, 12:56:40 AM »
It certainly gets your attention ;D
It certainly did.  Taught me a lesson about keeping my backups current too.

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #12 on: February 26, 2009, 11:59:21 AM »
-= try sending it to Jotti or VirusTotal..
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

Nurse069

  • Guest
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #13 on: February 26, 2009, 01:18:54 PM »
i go the same problem there. i hope it is not really infected. its the only infected file in my comptuer and i hardly slept the other night. and just a while ago i still had my duty in the community for CHN. haai. i hope its not what it really is

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: False positive? nvlddmkm.sys recognized as infected Win32:Vitro
« Reply #14 on: February 26, 2009, 01:28:48 PM »
Follow the guideline of reply #8.
The best things in life are free.