Jump to content

Win64/CPUZ.A detected by ESET

Recommended Posts


This morning I got a pop-up from ESET (see attached pictured) telling me that a potentially unsafe application had been found, called cpuz139_x64.sys. I assumed that it was from CPU-Z, which I formerly used, so I uninstalled CPU-Z but the problem was still there. I had ESET clean the file and restart, and the file was successfully deleted before the restart, but after the restart it had been re-created. I then tried restarting in Safe Mode and manually deleting the file and was able to do so, but on restarting to Normal Mode it had been recreated, so I went back into Safe Mode and deleted it again, then restarted to Safe Mode and it had not been recreated, then when I restarted to Normal Mode after that, it had been re-created. My question therefore is:

1) Is this a false-positive?

2) If it isn't a false positive, how do I trace it back to whatever is recreating it each time and solve the problem?




Share this post

Link to post
Share on other sites

The detection is correct, the driver can be exploited. If you want to exclude it from detection, you can unfold Advanced options, check the appropriate box there and click "Ignore".

Share this post

Link to post
Share on other sites

I will also add it appears the CosairLink4 software via an installed service is recreating CPU-Z driver at boot time. Therefore, the only way to permanently eliminate the Eset alerting would be to uninstall the  CosairLink4 software.

Edited by itman

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...