# AVG Rootkit Detects 'hidden driver file'



## GreenStar (Apr 13, 2006)

AVG Anti-Rootkit has detected a Rootkit path C:\WINDOWS\System32\Drivers\ao284vb4.SYS

I've taken the 'Remove selected items' option and re-booted, only to find the same item identified again by AVG Anti-Rootkit.

Do I have a problem?

GS


----------



## Glaswegian (Sep 16, 2005)

Hi

Lack of info on that file suggests an infection.

Please start here and follow the instructions.

http://www.techsupportforum.com/sec...pdated-important-read-before-posting-log.html

If you cannot complete any of the Steps, simply move on to the next one - remember to let the Analyst know about this when you post your logs.

*Do not post your logs back in this thread - follow the guidance in the above link!*

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply.


----------



## trdi (Dec 29, 2007)

After checking registry keys I can tell you what this file is. It's a hidden driver that comes with Daemon Tools. If you uninstall Daemon Tools, the hidden driver disappears. The name changes everytime to make it harder to detect by antiemulator algorithms.

It's not malicious.


----------

