I have the msdirectx.sys file infected by a trojan. I quarantine this file, but I would like to know if this file can be removed safely. Avast is not able to repair it. How can I get it back not infected ?
if there is not virus detected for others antivirus, then it is a false positive. IF it is a false positive send the file to virus@avast.com in a password protected compressed archive. Dont forget to make a little explanation and the password.
Can you Google for msdirectx.sys for more info about the file.
If your computer works, I’ll suggest to let the file in avast Chest to further analysis. It won’t bring any harm to you.
Strange… Which is your sensitivity level of Standard Shield provider?
The sensitivity level was on normal, but I put it now on high. I hope it will work. The file was zipped in a rar archive. May be it is because the file was in two archives.
There shouldn’t be any problem with nested archives.
I’d say a likely explanation for not detecting the file earlier might be that the detection of this particular malware has been added only recently to the virus database, after it was already downloaded on your disk.
This is what I found up on this and this spybot has actually two hidden files, read here: http://www.antisource.com/article.php/spybot-hpsebc08-msdirectx
Go to the virus and worm section of our forum, read the sticky there first, and act according the ten steps proposed. Very anxious what your findings are. After completing these procedures post all the information in that forum section.
You can also load flister here: http://invisiblethings.org/tools.html Download, scan the zip, unpack and scan your system for bug calls. Just in case if it is what I fear it is.
Could you please verify that your emule downloads are actually being scanned?
I.e. when you download something, does the “Scan count” field of the P2P Shield provider increase?
When you click on the avast! blue tray icon, the “On-access Protection” window will appear. Click on “More details”, if not already expanded, and select the “P2P Shield” from the list of the providers. You will see the “Scanned count” and “Last scanned” items on the right side.