The latest Avast definitions are identifying 2 Microsoft system files as malware. I feel this may be a false positive as VirusTotal has no virus search engines indicating a problem (including the Avast one). I did rescan the files rather than take the earlier findings there, but all were clear…
The files are as follows:-
C:\programdata\dbg\sym\afd.sys.…\afd.sys (this system file is an ancillary function driver for Winsock)
C:\programdata\dbg\sym\srv2.sys|…\srv2.sys (this system file is the SMB 2.0 server driver).
The Avast scan classification is:- Threat win 64: Malware-gen - Severity high
I also checked with Metascan online. All clear there also and the hash option tallied for afd.sys.
MD5 36D6A3201721558A8AFBCC09C2DA4C2C
SHA1 05B52A7BD5BDFB0EA0650A9D0E9131F4B22C14FB
VirScan also gave a 100% clean report…
I haven’t deleted them yet, as I know that they are important and quite possibly FP.
I would appreciate your response.
Best wishes,
Howie