Topic: cardinst.exe infected by Win32:Dh-A [Heur]

REDACTED

  • Guest
cardinst.exe infected by Win32:Dh-A [Heur]
« on: February 16, 2018, 05:59:52 PM »
Avast antivirus detects that the file C:\Windows\ExternalAP\Drivers\CardReader\IOI\Setup.exe|>{app}\cardinst.exe
is infected by Win32:Dh-A [Heur]

In the drop-down I cannot choose Chest or Delete; it only leaves Automatic.

I press the Solve button and it tells me it is done, but if I scan again the problem reappears.

How can I solve it?

REDACTED

  • Guest
Re: cardinst.exe infected by Win32:Dh-A [Heur]
« Reply #1 on: February 16, 2018, 11:22:48 PM »
The card reader comes with a small read-only memory space built in that has its drivers available for install.
So either what you got is indeed infected, and there is absolutely nothing you can do about it since it came like that from the manufacturer, or it's a false positive. To see if it's a false positive, just copy the file to your desktop, upload it to one of the online antivirus test sites and check it there.
But since it's a card reader and those have been fully supported since XP, I don't see any reason why there would be a need for its drivers - so my guess is it's a piege a cons. So destroy it and get a legit one.

REDACTED

  • Guest
Re: cardinst.exe infected by Win32:Dh-A [Heur]
« Reply #2 on: February 19, 2018, 05:31:49 PM »
Thanks for the reply.

I have looked at the file (Avast Antivirus calls it "cardinst.exe", but in this folder there is no file with this name; there is "setup.exe") and the modification date is from 2010. All this time Avast Antivirus did not detect a problem; last week it did. But only Avast Antivirus; other antivirus programs did not.

I have downloaded another antivirus (Kaspersky free) and an antimalware (Zemana antimalware). I scanned this file specifically and I've also scanned the whole PC, and they did not detect any virus.

So, it's a false positive?

Is it better to replace the file with a new one, anyway? Where can I get the file that is reliable and has no problems?

Thanks in advance and apologies for my lousy English




Offline Asyn

  • Avast Überevangelist
Re: cardinst.exe infected by Win32:Dh-A [Heur]
« Reply #3 on: February 20, 2018, 05:21:18 AM »
Test the file at VT (https://www.virustotal.com) and post the link to the result here.

REDACTED

  • Guest
Re: cardinst.exe infected by Win32:Dh-A [Heur]
« Reply #4 on: February 20, 2018, 07:25:59 PM »
Today when I scan with Avast Antivirus it does not detect a virus. Anyway, to make sure, I've done what you told me, and in the result, the first time 2 engines (Ikarus and TrendMicro-HouseCall) detected problems; I hit the Reanalyze button and then only 1 engine (Ikarus) detected a problem.

The link to result:
https://www.virustotal.com/#/file/2cc294d8aa5a2d7c5c2dcf1c2f7b64558fe5f523f5e99131616d69242f064ae9/detection

In the same folder (...CardReader\IOI\), there is another file, "AsusSetup.exe", and I uploaded it too; the result is:
https://www.virustotal.com/#/file/982a41b4dcc4953a123dda20f139f304a8edbc8c2a7008f19a2933b7477d8a9e/detection

Offline Pondus

Re: cardinst.exe infected by Win32:Dh-A [Heur]
« Reply #5 on: February 20, 2018, 07:45:03 PM »
Quote
History
Creation Time   1992-06-19 22:22:17
First Seen In The Wild   2012-10-28 08:53:58
First Submission   2014-04-23 00:59:40
Last Submission   2018-02-20 18:17:04
Last Analysis   2018-02-20 18:17:04


File Version Information
Copyright
Product   Smart Card Reader Driver and Card Icon Program
Description   Smart Card Reader Driver and Card Icon Program Setup
File Version   1.0.7.73
Comments   This installation was built with Inno Setup.


Quote
History
Creation Time   2007-05-29 12:02:30
First Seen In The Wild   2007-05-29 14:02:30
First Submission   2013-01-04 09:13:31
Last Submission   2018-02-20 18:34:11
Last Analysis   2018-02-20 18:34:11


File Version Information
Copyright   Copyright (C) 2006 ASUS
Product   AsusSetup
Description   AsusSetup
File Version   1.0.19.7


False Positives



REDACTED

  • Guest
Re: cardinst.exe infected by Win32:Dh-A [Heur]
« Reply #6 on: February 21, 2018, 06:44:21 PM »
Oh great! Thanks for the help  :D
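
Added example, not part of the thread: a local check that can be run before or instead of uploading a flagged installer. It computes the SHA-256 that appears in a VirusTotal file URL and reads the PE link timestamp, assuming that the "Creation Time" in the reports quoted in Reply #5 is that header field. The value 1992-06-19 22:22:17 is the fixed placeholder written by old Borland/Delphi linkers (Inno Setup is built with Delphi), so it says nothing about when the file was made. The names `pe_timestamp`, `triage` and `make_sample` are hypothetical.

```python
import hashlib
import struct
import sys
from datetime import datetime, timezone

# Placeholder TimeDateStamp emitted by old Borland/Delphi linkers;
# decodes to 1992-06-19 22:22:17 UTC.
DELPHI_PLACEHOLDER = 0x2A425E19


def pe_timestamp(data: bytes) -> int:
    """Return the COFF TimeDateStamp of a PE image, or raise ValueError."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 12 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header after the signature: Machine (2), NumberOfSections (2),
    # TimeDateStamp (4).
    (stamp,) = struct.unpack_from("<I", data, e_lfanew + 8)
    return stamp


def triage(data: bytes) -> dict:
    """Hash for an AV-service lookup plus the decoded link timestamp."""
    stamp = pe_timestamp(data)
    when = datetime.fromtimestamp(stamp, timezone.utc)
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "link_time_utc": when.strftime("%Y-%m-%d %H:%M:%S"),
        "delphi_placeholder": stamp == DELPHI_PLACEHOLDER,
    }


def make_sample(stamp: int) -> bytes:
    """Constructed minimal MZ/PE header (not a real installer) for the demo."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHI", 0x014C, 0, stamp)
    return dos + coff


if __name__ == "__main__":
    # Pass a file path to inspect it; with no argument the constructed sample is used.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else make_sample(DELPHI_PLACEHOLDER)
    for key, value in triage(blob).items():
        print(f"{key}: {value}")
```

The printed `sha256` can be compared with the hash in a VirusTotal file URL to confirm that the local file is the one the report describes.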