Quinny

appinit_dlls FP or not?

10 posts in this topic

Hi,just tried mbam anti rootkit prog for the first time and upon opening the prog

it instantly gave an alert saying "appinit_dlls" might be a rootkit.

After a bit of googling i can't figure out if it's a dangerous trojan virus or should be

left alone as it's part of the windows 7 os.

Thanks in advance for any help.

Share this post


Link to post
Share on other sites

Hi,just tried mbam anti rootkit prog for the first time and upon opening the prog

it instantly gave an alert saying "appinit_dlls" might be a rootkit.

After a bit of googling i can't figure out if it's a dangerous trojan virus or should be

left alone as it's part of the windows 7 os.

Thanks in advance for any help.

Just follow the instruction on a message box: If MBAR was able to start and haven't crashed afterward, just leave it alone.

Share this post


Link to post
Share on other sites

Thanks for your reply.Just ran the first mbar scan and it give me a clean bill of health.

But every time i click the exe the same alert comes up telling me "appinit_dlls" is proberly

a virus and i'm still none the wiser if it's a FP or not.

Share this post


Link to post
Share on other sites

That image is a bit small, but looks like C:\Windows\system32\nvinitx.dll which is an NVidia file. Check the file's properties. Is it from NVidia? If so, it's not malware. I have this same file and same entry on one of my machines which uses NVidia graphics.

Share this post


Link to post
Share on other sites

That image is a bit small, but looks like C:\Windows\system32\nvinitx.dll which is an NVidia file. Check the file's properties. Is it from NVidia? If so, it's not malware. I have this same file and same entry on one of my machines which uses NVidia graphics.

Not quite sure how to check properties on C:\Windows\system32\nvinitx.dll but i did find it in system32 and did a right click then chose properties,clicked details and it does say it's from NVIDIA CORPORATION.

So i hope thats the right procedure,so does this mean it's a FP? and will i always get this alert coming up every time i run mbar.

Share this post


Link to post
Share on other sites

Yes, that's the correct way to find properties.

It's not an FP, it's just that your entry is not malicious. MBAR detects and offers to remove any valuedata in AppInit_DLLs. If unsure, always click No. If it's malware that might have prevented MBAR from continuing or caused it to crash, that may happen after clicking No.

Share this post


Link to post
Share on other sites

Hi tetonbob,

 

I have the same issue as Quinny and like you I have the Nvidia software installed on my machine. However, I have two appinit_dlls file, the one is exactly in the same directory as in your image and another one is here: 

blob:https%3A//secure.flickr.com/fd80aacb-23db-458a-bbac-352fe3faeb79

 

Is this ok or it should not be there? 

 

Thank you.

Share this post


Link to post
Share on other sites

zoomer_zoomer:
 
This is Quinny's thread from two years ago!
 
If you have an issue, please start your own thread.

Please reference: Please read before reporting a false positive
 
Post #2


If you are not a member of Staff or Experts group please do not reply to other users posts in either the File or Web Blocking forums.

 
Thank you for understanding.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.