dave Posted December 25, 2009 Hi folks, C:\dptrack0.sys Microsoft Security Essentials keeps reporting this file as being infected with DOS/Sinowal.l. It says that it has cleaned this threat but keeps reporting it. It won't be deleted. What is this file for ? Do I have to wait for a tool to remove it if required ? Thank you Dave. Share this post Link to post Share on other sites
siliconman01 Posted December 26, 2009 Have you tried rebooting into SAFE MODE and running a Complete Scan with SAS? If so, does SAS detect dptrack0.sys as an infection and attempt to remove it? Share this post Link to post Share on other sites
dave Posted December 26, 2009 I tried safe mode ( as other infections caused a blue screen by irq problems ) , neither SAS or Malwarebytes found any of these infections. There were about three other infections , all found any cleared by the Microsoft product . Admittedly the Msoft entry said that they were mostly added to the database during December. Share this post Link to post Share on other sites
siliconman01 Posted December 27, 2009 Go to the link below and run dptrack0.sys through VirusTotal to see if other AV programs are detecting this specific file as malicious. It is possible that Essentials is falsely detecting this file. Post back here the results of the VirusTotal scan. http://www.virustotal.com/ If other AV's are finding dptrack0.sys as malicious, submit the file to SuperAntiSpyware and the gurus will prepare a detection/removal rule within SAS. https://www.superantispyware.com/precreateticket.html Share this post Link to post Share on other sites
siliconman01 Posted December 27, 2009 You should report it to Microsoft as a false positive so they can fix their detection rules. I don't use MS Essentials so I am not sure how to report an FP to them. Share this post Link to post Share on other sites