Possible Malware

Discussion in 'malware problems & news' started by Vinicius Alexandre, Dec 24, 2010.

Thread Status:
Not open for further replies.
  1. Vinicius Alexandre

    Vinicius Alexandre Registered Member

    Joined:
    Aug 15, 2010
    Posts:
    6
    Hello friends. In a recent scan, I came across a file called utqwotgz.sys, which is located in C:/Windows/System32/drivers. A scan on the VirusTotal site shows me that 19 antivirus brands consider it malware. The community on the same site proves indecisive. Some point to the file as belonging to the AVZ virus removal tool, but it happens that I never installed this tool on my computer.
    I would like to hear from you.

    Thanks.
     
  2. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,502
    Submit the file to multiple AV vendors for analysis. See the following on how to submit the file for analysis.

    https://www.wilderssecurity.com/showthread.php?t=277780
     
    Last edited: Dec 24, 2010
  3. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    AVZ is dropping a ute0mzk1.sys - 20/43 - MD5 : 524d8d450622db4a7875b111c299a76b here which seems to auto-delete after a scan is completed.

    So those 20/43 detections are false positives in the case with my sample?
     