Jump to content

Win64/CPUZ.A detected by ESET


Recommended Posts

Hi,

This morning I got a pop-up from ESET (see attached pictured) telling me that a potentially unsafe application had been found, called cpuz139_x64.sys. I assumed that it was from CPU-Z, which I formerly used, so I uninstalled CPU-Z but the problem was still there. I had ESET clean the file and restart, and the file was successfully deleted before the restart, but after the restart it had been re-created. I then tried restarting in Safe Mode and manually deleting the file and was able to do so, but on restarting to Normal Mode it had been recreated, so I went back into Safe Mode and deleted it again, then restarted to Safe Mode and it had not been recreated, then when I restarted to Normal Mode after that, it had been re-created. My question therefore is:

1) Is this a false-positive?

2) If it isn't a false positive, how do I trace it back to whatever is recreating it each time and solve the problem?

 

Thanks.

cpuz.PNG

Link to post
Share on other sites
  • Administrators

The detection is correct, the driver can be exploited. If you want to exclude it from detection, you can unfold Advanced options, check the appropriate box there and click "Ignore".

Link to post
Share on other sites

I will also add it appears the CosairLink4 software via an installed service is recreating CPU-Z driver at boot time. Therefore, the only way to permanently eliminate the Eset alerting would be to uninstall the  CosairLink4 software.

Edited by itman
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...