Jump to content

Win64/CPUZ.A detected by ESET


Recommended Posts


This morning I got a pop-up from ESET (see attached pictured) telling me that a potentially unsafe application had been found, called cpuz139_x64.sys. I assumed that it was from CPU-Z, which I formerly used, so I uninstalled CPU-Z but the problem was still there. I had ESET clean the file and restart, and the file was successfully deleted before the restart, but after the restart it had been re-created. I then tried restarting in Safe Mode and manually deleting the file and was able to do so, but on restarting to Normal Mode it had been recreated, so I went back into Safe Mode and deleted it again, then restarted to Safe Mode and it had not been recreated, then when I restarted to Normal Mode after that, it had been re-created. My question therefore is:

1) Is this a false-positive?

2) If it isn't a false positive, how do I trace it back to whatever is recreating it each time and solve the problem?




Link to comment
Share on other sites

  • Administrators

The detection is correct, the driver can be exploited. If you want to exclude it from detection, you can unfold Advanced options, check the appropriate box there and click "Ignore".

Link to comment
Share on other sites

I will also add it appears the CosairLink4 software via an installed service is recreating CPU-Z driver at boot time. Therefore, the only way to permanently eliminate the Eset alerting would be to uninstall the  CosairLink4 software.

Edited by itman
Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...