Laurids

False positive: agilevpn.sys?

4 posts in this topic

Hello, Malwarebytes just detected a file known as: Unknown.Rootkit.Driver

which seemed to have infected: C:\WINDOWS\System32\drivers\agilevpn.sys

I am wondering if this is a false positive?

These are the logs:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/20/17
Scan Time: 11:27 PM
Logfile: 
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1549
License: Free

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: LAURIDS-PC\LauridsFrej

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 380961
Time Elapsed: 23 min, 53 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Unknown.Rootkit.Driver, C:\WINDOWS\System32\drivers\agilevpn.sys, Replace-on-Reboot, [0], [0],0.0.0

Physical Sector: 0
(No malicious items detected)


(end)

 


I too have had this file reported as malware. I have zipped and attached the file.

Scan report as follows -

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/24/17
Scan Time: 10:31 AM
Logfile:
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1583
License: Premium

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: EKO-DELL-02\Christopher Coutts

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 566303
Time Elapsed: 17 min, 34 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
PUP.Optional.VulnerableDellSystemDetect, HKU\S-1-5-21-1823509685-2456680587-822435425-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DELLSYSTEMDETECT, No Action By User, [18193], [251680],1.0.1583

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Unknown.Rootkit.Driver, C:\WINDOWS\System32\drivers\agilevpn.sys, No Action By User, [0], [0],0.0.0

Physical Sector: 0
(No malicious items detected)


(end)

 

 

 

agilevpn.zip
