home

nvraid.sys

NVIDIA nForce RAID Driver

NVIDIA Corporation

It runs as a Windows kernel mode device driver named “NVIDIA nForce(tm) RAID Class Driver”.
Publisher:
NVIDIA Corporation

Product:
NVIDIA nForce(TM) RAID Driver

Description:
NVIDIA® nForce(TM) RAID Driver

Version:
5.10.2600.0684 built by: WinDDK

MD5:
1d4781a5957300dc81b91161b45704bb

SHA-1:
9c2e93bdc091fac395dc44c0868d1943fb2e35ba

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/23/2024 8:35:25 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Trojan.Agent-145770
0.98/18355

SUPERAntiSpyware
Trojan.Agent/Gen-Cryptor
10634

File size:
87.3 KB (89,344 bytes)

Product version:
5.10.2600.0684

Copyright:
Copyright(C) 2001-2006 NVIDIA Corporation

Original file name:
nvraid.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\nvraid.sys

File PE Metadata
Compilation timestamp:
8/5/2006 12:00:45 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.0

CTPH (ssdeep):
1536:FRDENRDNSIKG401XhR/uj0Hz5XmXoMOcF4FxiGtdwAn9fbF2wNHw:FRDWkK/1XhM0VXmXoMOA4FxjtLnpowNH

Entry address:
0xF800

Entry point:
55, 8D, 6C, 24, 90, 81, EC, D4, 00, 00, 00, 56, 8B, 75, 78, 85, F6, 75, 0D, FF, 75, 7C, E8, 01, 06, 00, 00, E9, DC, 01, 00, 00, 66, 83, 25, 28, DC, 01, 00, 00, 57, 8B, 7D, 7C, 66, 8B, 07, 66, A3, 2A, DC, 01, 00, 0F, B7, 07, 40, 68, 52, 76, 4E, 64, 40, 50, 6A, 01, FF, 15, 30, CC, 01, 00, 85, C0, A3, 2C, DC, 01, 00, 75, 0A, B8, 9A, 00, 00, C0, E9, A0, 01, 00, 00, 53, 57, 68, 28, DC, 01, 00, FF, 15, 14, CC, 01, 00, 6A, 35, 59, 33, C0, 8D, 7D, 9C, F3, AB, 83, 65, C0, 00, 83, 65, 0C, 00, 83, 65, 1C, 00, 6A, 07...
 
[+]

Entropy:
6.1629

Code size:
61.5 KB (62,976 bytes)

Driver
Display name:
NVIDIA nForce(tm) RAID Class Driver

Service name:
nvraid

Type:
Kernel device driver (KernelDriver)

Group:
System Bus Extender


Scan nvraid.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.