Virus in driver file?

Discuss the core components that make up the heart and soul of any good computer.

Moderators: Flying Fox, Thresher

Virus in driver file?

Postposted on Sun Sep 09, 2012 10:14 am

Hi!
I'm not sure where this should go so feel free to move if it's the wrong forum. Recently I built a new computer using the Asus P8Z77-V LK motherboard that was recommended in the guides. So I got all the driver files from Asus. However, my antivirus, Comodo Internet Security, indicated that one of them, IRSS_V1001031_Win7.zip, which is the Intel Rapid Start Technology V1.0.0.1031 for Windows Win7 32bit & Win7 64bit file, was infected with TrojWare.Win32.Krap.T and indicated it was high risk. Specifically the IntelButton.dll file inside the archive. Could this be a false-positive? Can somebody here check that file with another antivirus and see what it reports? It's in the SATA section of the Windows 7 64 bit drivers for that motherboard. Thanks.
bitcat70
Gerbil
 
Posts: 40
Joined: Fri Jan 28, 2011 3:02 pm

Re: Virus in driver file?

Postposted on Sun Sep 09, 2012 10:51 am

I would just skip that driver installer and get a fresh copy from Intel until I could get confirmation on the validity of the ones you have-or not care since you have newer drivers from Intel.
MastaVR6
Gerbil
 
Posts: 17
Joined: Tue Oct 26, 2004 3:37 pm
Location: Orange County, CA

Re: Virus in driver file?

Postposted on Sun Sep 09, 2012 11:20 am

Yes, that's almost certainly a false-positive. Comodo Internet Security is well-known for its high rate of false-positives, I'd strongly recommend that you switch to Microsoft Security Essentials, it's free, provides excellent protection, and won't slow down your computer or cause problems with false positives. Non-Microsoft Antivirus/Firewall/Internet security programs cause system problems, slow down your machine (especially web browsing), and make your system meaningfully more secure than just using the free Microsoft products that WON'T do that.

In the future, you can confirm whether a result is a false-positive or not by uploading the file to VirusTotal (recently acquired by Google). This site will scan the file with every scanner out there. If only a small number of programs detect anything, or if they are generic/heuristic detections (which means it just looks sort of suspicious, not that there's anything wrong with it), that's a good sign it's a false-positive.

I do agree with MastaVR6 that you should always download your drivers directly from the component manufacturer's website. The ones on the motherboard manufacturer site are usually rather outdated.
Alereon
Gerbil In Training
 
Posts: 1
Joined: Fri May 07, 2010 5:26 pm

Re: Virus in driver file?

Postposted on Sun Sep 09, 2012 1:36 pm

MSE is more of a system hog than Avast is, and it's detection rates are getting worse. Honestly, we are fast moving back to the time when paying 40 a year for AV is a must because the free AV's are dwindling in quality, and viruses are becoming more and more aggressive and damaging.
Vae victus.
Vinceant
Gerbil First Class
 
Posts: 183
Joined: Thu Apr 26, 2007 8:25 pm

Re: Virus in driver file?

Postposted on Sun Sep 09, 2012 4:54 pm

Like people have said, it's most likely a "false positive" - all antivirus programs tend to find such things from time to time, though some (like Avira antivirus products) do it more often and some (like MSE) do it less often. If you have identified whichever file that causes this, you may want to submit it to your antivirus product's developer, in your case the place to submit such samples is here:
http://www.comodo.com/home/internet-security/submit.php
My subscription allows you people to exist on this site and makes me a better human being than you'll ever be
JohnC
Gerbil Jedi
Gold subscriber
 
 
Posts: 1881
Joined: Fri Jan 28, 2011 2:08 pm
Location: NY/NJ/FL


Return to Motherboards, Chipsets, & RAM

Who is online

Users browsing this forum: No registered users and 3 guests