comodo gave me a pop up of typival virus behaviour?

when I went to C:\WINDOWS\system32\DirectX\Dinput comodo gave me a pop saying directx (i think it was direct x) was trying to hide files and this was typical virus behaviour? I chose block. Is this a false positive?

Defense+ does not specifically declare an application to be malicious or not. It merely warns you of “possibly” malicious behavior.

When you receive a warning of this type of behavior always consider what you know of the program you’re running/installing. If you’re not sure then check out using the methods described here:
How To Tell If A File Is Malicious.

In other words it’s probably a safe application (ie: DirectX), but check it out if you’re not sure.