AVG reported rootkit or false positive?

I installed AVG 11 (free version) today and ran a rootkit scan. It flagged C:\WINDOWS\System32\DLA\DLAIFS_M.SYS. It looks like this is a driver for the SONIC CD/DVD burner that came with the machine, ThinkPad T61, XP-SP3.

AVG's FAQ says that sometimes legitimate drivers use "rootkit-like techniques." OK, so does anyone know whether this driver is one of them? What's the best way to sort this out?

Thanks.

 

have you tried uploading the suspected file to virus total.

VirusTotal - Free Online Virus, Malware and URL Scanner

 

I sent it to AVG for now. There are other reports of the same file raising alerts, but I haven't seen any definitive response yet.

 

AVG has concluded that the driver is not malicious, but recommended looking for an updated version. Neither Lenovo nor Sonic seem to have anything more current, so it looks like the best thing to do is simply ignore the warning.

FYI.

 

There could be a problem in the software or the threshold the is required to complain also.

Renee

 

I assume you mean the AVG software. That's my guess as well. The rootkit detection stuff is new in AVG and probably needs some fine tuning. I didn't lose any sleep over it, really, but thought it prudent to follow up.