In another post today (No problems - Just a question) you put me onto a small utility called DriverView. There was one item that worries me in the report. It was:
Driver Name: dump_iaStor.sys
Address: 0x88b13000
File Type: Unknown
Modified Date and Created Date were both N/A
File Name was C:\Windows\System32\Drivers\dump_iaStor.sys
Under file attributes there was nothing
I wonder if you might help me with this, or tell me where I can go to get help.
Threat Name: iastor.sys
Spread Method:
External Storage Device (USB Device etc.)
Threat type: iastor
iastor.sys first detected: 2010-01-31
Virus file known is driver file *.sys written in C
File Size: 547K Bytes.
Behavior: Adds program's process
Level of Spread: 6
Level of Threat: 1
Reported Path: Unknown path
I’m a bit confused by the two replies. I’m not having any problems like those explained where this seemed to be a virus. However, why was this driver not shown as “Intel” under the “Company” heading? Under Description, Version, Company, Product Name it’s all blank for this one; whereas I have other Intel items on the DriverView scan where all this information is filled in.
There have been some reports within the last several months of a bad and/or infected iastor.sys driver update associated with IRST?
Since the driver in question is not a Windows OS driver, one might want to ask the question: does the computer in question have a valid reason for having the iastor.sys driver?
I assume you were able to get to the link then, and that there must have been something about the report that left you in question. Within the past few days I have done a full scan with both SAS and MBAM, in addition to doing a FULL scan every day with Avast. But I will perform those scans again and let you know.
As to your last post, those are my sentiments exactly. Is there any way I can get the question you proposed answered?
My understanding is that the iastor.sys is used for Intel RAID storage systems or specifically for the Intel® Rapid Storage Technology. This Intel RAID storage system has been around since the days of the Floppy Disk though it is still in use today.
I am not sure why you have this driver on your hard disk drive if you are not or have not used the IRST system on your computer.
Maybe someone else can answer this question.
I would try and locate this driver number and information by opening the Windows Device Manager and then locating the storage devices that it lists. Look for Disk Drives, DVD/CD-ROM drives, IDE ATA/ATAPI Controllers or any line item that has the word Controller in it. Also look for Portable Devices. Once you locate one, click on it and then right-click on each item listed. Then click on Properties and finally click on Driver. If any of your storage devices are using this driver you should be able to see it listed. If you find the driver, note its Provider, Date, Version and Digital Signer. Click on Driver Details to locate where the driver is located.
See if you find anything and post back what you found on your system about the iastor.sys driver.
If you cannot locate the driver this way and/or have never had this Intel RAID system on your computer, you have a virus.
I would still check the Digital Signer and driver release number to make sure they are in order.
If the driver has no digital signer or is out dated it could cause problems.
Once you have the driver version number then you can use DriverMax, I believe that the current release is 5.7, to see if this driver and all of your drivers are up to date. If you do use DriverMax there is a free version which limits you to two driver downloads a day. If it shows a more current “Digitally Signed” version of your driver than your current version, I would Google the version number that DriverMax is recommending that you update to. If it comes up clean on the Google search then you may want to consider updating to the newer Digitally Signed driver version using DriverMax or some other method.
Sometimes driver version numbers get mixed up if you are looking at a driver file name that is used on both XP and Vista/Windows 7. However, since you are using Vista, unless you upgraded your computer from XP, the driver number that DriverMax finds and the one that it says is the latest version should be in the proper numbering sequence. Again, make sure that you are looking at a Digitally Signed driver. Unfortunately the free version of DriverMax will show drivers that are Digitally Signed and those that are not. Ignore those that DriverMax says are current versions in their scan if those drivers are not Digitally Signed. I cannot over-emphasise this. DriverMax will tell you if a driver is Digitally Signed or not.
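The Device Manager checks described above, as an added PowerShell example that is not from this thread or from any of the posters: it reads the Authenticode signer, the version resource (the Company and Version fields DriverView leaves blank for the dump_ entry) and a SHA-256 for a VirusTotal lookup of the on-disk iaStor.sys, and it lists whether a kernel driver by that name is actually registered and running. Windows loads a copy of the boot storage driver under a dump_ prefix for writing crash dumps; that copy exists only in memory, which is why DriverView reports no file dates or attributes for it, so the script treats an absent dump_iaStor.sys on disk as the expected case. The dump_iaStor.sys path is the one quoted in the thread; the plain iaStor.sys path, the function names and the use of Get-WmiObject (so it runs on the older Windows PowerShell a Vista machine ships with) are my assumptions.

```powershell
# Added example, not code from the thread. Assumes Windows PowerShell 2.0 or later
# (Get-AuthenticodeSignature and Get-WmiObject are present on every version).
# Paths: dump_iaStor.sys is quoted in the thread; iaStor.sys is assumed to sit beside it.

function Get-DriverTrustInfo {
    param([Parameter(Mandatory = $true)][string]$Path)

    $result = New-Object PSObject -Property @{
        Path = $Path; OnDisk = $false; SignatureStatus = $null
        Signer = $null; Company = $null; FileVersion = $null; Sha256 = $null
    }

    if (-not (Test-Path -LiteralPath $Path)) {
        # dump_*.sys is a crash-dump copy that lives only in memory; no file is expected
        return $result
    }
    $result.OnDisk = $true

    # Authenticode check: Valid means the signature chains to a trusted root and the
    # file hash matches. NotSigned or HashMismatch on a storage driver deserves a look.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    $result.SignatureStatus = $sig.Status.ToString()
    if ($sig.SignerCertificate) { $result.Signer = $sig.SignerCertificate.Subject }

    # Version resource: the Company / Version that DriverView and Device Manager display
    $vi = (Get-Item -LiteralPath $Path).VersionInfo
    $result.Company     = $vi.CompanyName
    $result.FileVersion = $vi.FileVersion

    # SHA-256 so the file can be looked up on VirusTotal without uploading it
    $sha    = [System.Security.Cryptography.SHA256]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try {
        $result.Sha256 = ($sha.ComputeHash($stream) | ForEach-Object { $_.ToString('x2') }) -join ''
    } finally {
        $stream.Close()
    }
    return $result
}

# Is a kernel driver with this name registered and running? This is the information
# behind Device Manager's Driver tab, without clicking through every controller.
function Get-LoadedDriverState {
    param([string]$NamePattern = 'iaStor')
    Get-WmiObject -Class Win32_SystemDriver |
        Where-Object { $_.Name -like "*$NamePattern*" } |
        Select-Object Name, State, StartMode, PathName
}

'C:\Windows\System32\Drivers\iaStor.sys',
'C:\Windows\System32\Drivers\dump_iaStor.sys' |
    ForEach-Object { Get-DriverTrustInfo -Path $_ } |
    Format-List Path, OnDisk, SignatureStatus, Signer, Company, FileVersion, Sha256

Get-LoadedDriverState | Format-Table -AutoSize
```

Read the output the same way the post above reads the Driver tab: a SignatureStatus of Valid with an Intel or Microsoft Windows Hardware Compatibility Publisher subject, a populated Company field, and a running Win32_SystemDriver entry whose PathName points at the same file all agree with a legitimate IRST install. A file that is on disk but NotSigned, a signer that is neither of those, or a driver running from an unexpected path is what would justify the scans the thread recommends; the dump_ entry reporting OnDisk = False is normal and not by itself a finding.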
Digital Signer: Microsoft Windows Hardware Compatibility Publisher
Version: 6.2.0.2002 10/11/2006
I’m going to say, though, that I am very leery of messing with my drivers because I have gotten in trouble every time I’ve ever done it. I have DriverMax, but I just don’t use it anymore because of that. I’ve done much reading on drivers and it appears that if a driver isn’t causing you any problems it’s best to leave it alone. This driver wasn’t really causing me any problems. It just came up in this DriverView and I questioned it because there was so little info given.
DriverView shows it with this dump in front, but in Device Manager, and as it is shown in C drive, it does not have that in the description.
So, you think that MS signs malware with their WHQL certified drivers signature, or what exactly is the “issue” here? Have you seen any AV to detect the driver as malware (see Virustotal)?
My suggestion is to leave the file alone and move on, there is nothing wrong with it.
P.S. Oh, and avoid stuff like DriverMax or anything similar like the plague. These utilities are just trying to lure you into paying for their unrestricted versions which are equally useless, with quality rating anywhere between broken s**t and utter crap - and likely to render your system unusable.