Trojan.Swizzor: NFected by NVidia’s 197.75 update??

Personal story here…

A couple nights ago I tried to watch a movie on my Windows 7 PC, which for some reason wasn’t liking it.  At one point it spit up a window that said that it could be a driver problem and that I might want to update my drivers.

For graphics I have an NVidia 8600GT running driver version 8.16.11.9107, which so far has worked flawlessly.  But I thought I’d check out NVidia’s site anyway.  It turns out that they do have an updated driver package, so I downloaded it and, rather than saving it first, I chose to run it directly.  As soon as the install package started, Bitdefender popped up, stating that a trojan was prevented from running.

“Huh?”,  I thought, as I had just scanned it fully about two days prior and it had been found clean.  So I tried again…same thing.  The actual virus was trojan.swizzor.gen.8 and it had about 30 infections, which freaked me out.  I did a little searching, which at the time didn’t show much.  So I ran Bitdefender’s antivirus and about 3 passes later it showed as clean.

A few days later the Bitdefender boards have lit up with others having similar problems, some having shown the infection after trying to install the NVidia package.  However, it could be a false positive.  I’m not willing to try to reinstall the driver update right now, but we’ll see what happens.

UPDATE 3/5/10:  Now I’m getting BSODs from some sort of a driver issue.  So I don’t know if the old driver became corrupt or if something else is now broken.  Hooray.

UPDATE 3/6/10: I saw today that there have been overheating problems with NVidia’s 197.75 update package and they’re recommending a rollback to the prior driver, 197.21.  So I downloaded and ran 197.21 without issue.  No BSODs or virus popups as of yet.  So it seems that 197.75 should be avoided regardless.

FINAL UPDATE 5/4/10: I’ve upgraded the drivers again to the latest version.  I still have occasional blue screens but no more virus problems.  I’m guessing it was a false positive.


Posted on March 5, 2010, in software. 1 Comment.

  1. samallison13@hotmail.com

    You are correct, it is the Nvidia driver. I have the 8600 GT as well on Windows 7 64 bit. Within a week after the driver update Norton found it. 3 weeks later and paying Norton another $99 I had to do a complete disk wipe. I did a DoD 3 pass with verify. Then started fresh. Only Windows 7 64, then Norton Internet Security 2011 followed by Office 2010. Then I started the OS and driver updates from Microsoft. I got the boot.tidserv virus again. The last batch was a group of 2 drivers: Nvidia 8600GT 8.17.5896 170MB and a small Marvell Yukon Gigabit adapter driver.
