Virus Found: CLWMFDemux.ax [Avast! FREE 5.0]

[Wiiwa]

Hi,

Today I scanned ( with a full scan ) my computer and Avast! found " CLWMFDemux.ax ".
What does this file do? I pressed delete. Then it said it found another infected file and asked for a boot scan.
Now I don't know if the virus was succesfully deleted/removed or not.
I also tried to google the file it selected but I got at some sites that offered free scans and such because they don't know whats wrong with the file.
I didn't run such " Unknown internet scan device " because I don't trust them.

But can anyone give me some feedback on how to check if the virus was succesfully removed.
And what the fule " CLWMFDemux.ax " does.
The scan said it was located at C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLWMFDemux.ax.

[DavidR]

The location could be a clue as the two proceeding folders to the name are \Kernel\DMP\ which could be an indication of Kernel Dump files would be retained in the DMP folder. If that is correct it is possible that at the time of creation there might have been something strange going on.

On the other hand this could just be a data string that happens to closely resemble a malware signature. Also, the Win32:Malware-gen is generic signature (the -gen at the end of the malware name), so that is trying to catch multiple variants of the same type of malware and is a fine balance between detecting a new variant and detecting something valid as infected.

So there is a possibility it could be a false positive detection, which will need to be checked out. Unfortunately since you have deleted it there is no way to confirm one way or the other. Deletion isn't really a good first option (you have none left), 'first do no harm' don't delete, send virus to the chest and investigate.

How large is/was that file ?

[Wiiwa]

I don't know.
Where can I check?
And I couldn't move it to the chest. It said I wasn't allowed to.

[DavidR]

That's the problem, unless you have a good memory, having deleted it there is no way to do that.

That is when you should have asked the question as the reason given why avast couldn't move it to the chest (file in use by another program, to big for the chest, etc.) the error message would have given information that could have helped us to help you. Unfortunately that opportunity is lost ?

There is a No Action option and that if you don't know what to choose when you can't move to the chest is safer. What it does is takes no action, leaves the file in place, but should you (or something else) try to run it avast would alert again. What it won't allow is the running of a suspect file even though chose No Action.

[Wiiwa]

Avast! said I wasn't allowed to remove it to the chest.
No further information.
I think Avast! gives alot of false/positives so I don't know if I can still trust it. 

[DavidR]

Then scheduling a boot-time scan would have got round file in use, etc. as windows isn't yet fully running when this scan is done.

All security applications suffer from one degree or another and avast is no different. Not to mention there is no way to confirm one way or another if this was an FP since you deleted the file.