
Avast keeps warning me about C:\WINDOWS\System32\Drivers\Cdns.sys but when I research it, I can’t find anything on this. The suggestion is to ‘Ignore’. How do I determine what this file is? Thanks.

This is a common location for rootkits and this is I believe being detected on the anti-rootkit scan (8 minutes after boot). The Ignore option also indicates this is on the anti-rootkit scan. Hopefully you allowed it to be sent to avast for analysis ?

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page.

If you get multiple detections in VT then reboot and when avast alerts on this allow it to deal with it rather than Ignore.

However, as a first step it is better to rename it to say SUS-Cdns.sys that way the file isn’t deleted but renamed. So if it is a necessary file you should get error messages saying the file can’t be found. If it does happen to be a rootkit then since it was renamed it too wouldn’t be found.

I’m still getting the warning… but the file doesn’t show up in any file manager. I’ve opened up Explorer to view system/hidden files and still nothing. Avast describes it as a hidden service. Any suggestions?

Because of its location and not showing up in any file manager it is highly likely it is hidden by a rootkit.

Are you sure that is the correct file name as a google search for if basically finds the ones in this forum, so that is in itself suspect for a file in the system32\drivers folder.

I would normally not suggest that you delete this, but since you have been unable to find it, you could let avast deal with it next time round.

However, before you do that try these other tools and see if they also report this.