
iastor.sys!! =@


3 replies to this topic

#1 neer54


Posted 24 August 2010 - 08:10 AM

Hi, this malware has been driving me crazy!! It restarts my PC around 2-3 times a day and redirects my web page, and I tried using Hitman Pro to remove it; it recognises it but it won't delete it!! Any help would be much appreciated!!

Edited by hamluis, 24 August 2010 - 09:20 AM.
Moved from XP forum to Am I Infected ~ Hamluis.




#2 hamluis


Posted 24 August 2010 - 08:43 AM

What makes you describe it as malware?

http://www.file.net/process/iastor.sys.html

Louis

#3 fueL


Posted 24 August 2010 - 08:50 AM

This file has been known to be affected by the TDSS rootkit; I would suggest posting in the appropriate malware forum to get assistance with this.


"When the infected driver runs, it executes the 824 bytes loader which then runs the kernel mode component of the infection. It creates a fake driver object, its relative device object, and hijacks every disk I/O communication at the level of drivers' chain where the infected driver was located (i.e. infected driver could be atapi.sys, or iastor.sys)."
- http://www.prevx.com/blog/139/Tdss-rootkit...ns-the-net.html

#4 neer54


Posted 25 August 2010 - 04:27 AM

What makes you describe it as malware?

http://www.file.net/process/iastor.sys.html

Louis


Hey, sorry, I don't know if it is malware or not, I'm not good at techy stuff :thumbsup: Okay, I tried the registry booster but Hitman Pro still shows the rootkit there.. :/



