Results 1 to 2 of 2
  1. #1
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Southwest USA
    Posts
    219
    Thanks
    46
    Thanked 6 Times in 3 Posts
    Just did an Anti-Rootkit scan using the module within AVG Free AntiVirus 2011 and it found the following:

    C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (IRP hook, \FileSystem\Cdfs IRP_MJ_FILE_SYSTEM_CONTROL -> DLAIFS_M.SYS +0x912) (Object is hidden)

    Is this some form of malware?
    Or is it just a false positive?

    If it is a false positive, how do I determine what that file is being used for AND what software is using it?

  2. #2
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,433
    Thanks
    371
    Thanked 1,456 Times in 1,325 Posts
    Stephen,

    My guess is you have a Roxio product installed. This process is used for drive letter access - DLA. See here.
    This is not a Root-Kit if you have Roxio installed, however if you don't and never did...we have a problem Houston!
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •