A question about AVZ and OSAM

Discussion in 'other anti-malware software' started by fanboy01, Oct 27, 2010.

Thread Status:
Not open for further replies.
  1. fanboy01

    fanboy01 Registered Member

    Joined: Oct 26, 2010
    Posts: 7
    Hello Wilders community!

    I'm fanboy 01 and this is my first post on Wilders! I decided to join the Wilders community simply because I have an interest in PC security. I've been lurking around Wilders for the past several months and I must say that this is a very awesome website. :D Keep up the good work Paul! :thumb:

    Anyway, I wanted to ask a question about two particular security apps. These two apps are Online Solutions Autorun Manager and AVZ Anti-viral toolkit.

    I did some research about these two apps and I found both apps intriguing. I was going to give the two apps a try until I ran into some "complications".

    I'll start with AVZ. I researched AVZ on some download websites and I saw some comments about a possible virus lurking within AVZ. Here are the comments I could find:

    From portablefreeware: (http://www.portablefreeware.com/?id=1530)
    Edwin: AVZ put a file called "utmyntkw.sys" in c:\windows\system32\driver.
    Panda tells me that this file has the rootkit/bagle.uv in it. [2010-02-09 19:38]

    bajaatan: Spybot (Tea timer) sees this program as Dropper.4Maximus and terminates the process. Earlier versions didn't have this problem [2010-07-12 06:44]

    From freewarefiles: (http://www.freewarefiles.com/review_17_244_58421.html)
    MCHAL: It's reported to create a dangerous .sys file in Windows drivers folder by many software brands at virustotal.com. 2010-07-12

    These were the only comments I could find. Did anybody know about these "virus" drivers? o_O

    As for OSAM, the only comments about a virus I could find were from raymond.cc (yes, I know that the comments are old).
    http://www.raymond.cc/blog/archives...e-autorun-manager-with-online-malware-scanner

    fman
    January 16th, 2009 at 2:40 am
    I am also always on the lookout for a good startup organizer/manager. This one is great thanks.
    btw. I notice you removed my reply. After updating, nod32 keeps warning me but it’s probably a false positive.


    gamamew
    January 16th, 2009 at 5:30 am
    My NOD 32 detects the portable version as "probably a variant of Win32/Packed.Themida application".

    I'm concerned of trying the installable version too.

    Usman
    January 20th, 2009 at 2:00 pm
    It’s a great software but I cannot download it as my ESET antivirus is showing that it contains a virus. My antivirus is showing that it contains the Win32/Packed.Themida virus. Can you please suggest whether it is safe to ignore this warning message?



    I downloaded the RAR version of OSAM and submitted it to virustotal and it alerted some of the scanners. I unpacked the files from the RAR and I submitted each individual file through virustotal (there were only 9 files) and the only file that alerted scanners was the actual OSAM executable. I provided a link of the virustotal report.

    ~ VirusTotal Results Removed per Policy ~

    Now, the dumb thing is that I'm pretty sure that these files are false positives due to the fact that I haven't read many complaints about possible viruses within these two apps (one user on virustotal rated the OSAM.exe as goodware!) and the fact that I've seen Wilders users using these apps themselves! o_O

    The simple thing I want to know is that these are false positives, right? I would appreciate if anybody could verify that both OSAM and AVZ are 100% safe and virus free.

    Even though I have a very strong hunch that both OSAM and AVZ are false positives (I know that AVZ was developed by a Kaspersky worker and heard that the functions of AVZ were built into Kaspersky's own antivirus!), I'm just trying to be "better safe than sorry". Hey, you never know when a good security app will turn bad and join the dark side (i.e., Firefox add-ons like Ghostery and TACO, a legitimate anti-malware app that has become crippleware or a rogue).

    Any help or input will be appreciated. Thanks!
     
    Last edited by a moderator: Oct 27, 2010
  2. TheKid7

    TheKid7 Registered Member

    Joined: Jul 22, 2006
    Posts: 3,469
    If you are concerned about the website from where you download AVZ, you can download AVZ directly from Kaspersky's website.

    I will avoid giving a direct download link for AVZ. Instructions: Click on the download link for the "Kaspersky Virus Removal Tool 2010". Cancel the download when you get the download prompt. Go to the web browser URL and delete the "AVPTool/" portion of the URL and hit enter. Select the AVZ folder. Click on the AVZ4.zip download link.

    http://support.kaspersky.com/viruses/avptool2010?level=2

    Some time back Prevx reported something malicious about AVZ. I contacted Prevx support and they indicated that it was not Malware. It was just something about AVZ that looked like Malware. Also, I think that "Sophos" reported AVZ as Malware, but when AVZ was uploaded to them it was reported by Sophos to be a false positive. So I assume that AVZ is non-Malicious, especially if you get it directly from Kaspersky's website.
     
  3. egomoo

    egomoo Registered Member

    Joined: Aug 28, 2007
    Posts: 115
    In my opinion, both OSAM and AVZ are false positives, they are safe.
     
  4. jmonge

    jmonge Registered Member

    Joined: Mar 20, 2008
    Posts: 12,883
    Location: Canada
    agree :)
     
  5. fanboy01

    fanboy01 Registered Member

    Joined: Oct 26, 2010
    Posts: 7
    Shortly after posting this question, I decided "Oh, what the hell" (I went along with my hunch) and came to the conclusion that both AVZ and OSAM are false positives. Thank you TheKid7 for mentioning that you can download AVZ off from Kaspersky's website. I had no idea :blink: I should've thought about that when I knew AVZ was Kaspersky technology *facepalm* :ouch:

    Thanks to everybody else for responding! :thumb:
     