Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

Kaspersky scan said file was threat free [VirusTotal==>19/43]


Recommended Posts

Posted

IObit Security 360

 

OS:Windows XP

Version:1.5.0.13

Define Version:1815

Time Elapsed:00:03:22

Objects Scanned:48873

Threats Found:1

 

|Name|Type|Description|ID|

Trojan.Agent, File, C:\WINDOWS\system32\Drivers\utexnjq5.sys, 9-26546

utexnjq5.zip

Posted

This file is not infected and poses no threat.

 

It is in fact a driver file for AVZ (by Kaspersky).

 

Kaspersky nor any of the other serious antivirus vendors detect it as infected, because they know what it is.

 

The Bagle detection you see there is not true, but Bagle does use this file to do bad things.

 

hxin : just look at the file description ("Details" tab).

 

 

Let's ask our user. Fred : have you used AVZ on that machine ?

-

-

-

Posted

Hi hxin,

 

Why uteyotax.sys is analyzed instead of attached utexnjq5.sys file in VirusTotal?

 

I have uploaded utexnjq5.sys

and it gave a similar result though.

VirusTotal Report

 

Properties=>Details of utexnjq5.sys

 

http://forums.iobit.com/attachment.php?attachmentid=5953&d=1284668605

 

 

Cheers.

Posted

Hi enoskype :smile:

 

Yeah I noticed that too, and had it re-analyzed with the same results.

When hxin had it analyzed, he was told it had already been analyzed so he chose (probably) to view that report. File had a different name, but same MD5, so VirusTotal considers them identical (which is true in most cases).

 

AVZ files can take on different names. We see that with many other tools as well, to try and avoid malware from blocking them.

 

 

===

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...