avast 5.0.366: suspicious file detected : hardlock.sys

avast 5.0.366: suspicious file detected : %SystemRoot%\system32\drivers\hardlock.sys
edit: detected by avast heuristics (the previous avast version did not detect anything suspicious like that)
hardlock.sys
HARDLOCK.SYS is related to Hardlock Device Driver for Windows NT.
Manufacturer: Aladdin Knowledge Systems Ltd.
www.aladdin.com

The file was deleted several times from the computer using the avast5.0.366 menu whenever avast5.0.366 detected the file, but the file keeps coming back again and again.
Complete virus scan from avast5.0.366 found no virus or malware.

samnetx

Hi samnetx,

You could upload it to virustotal.com and see what scanners flag it to decide if it really is a False Positive.

See info on this file:
http://www.tallemu.com/oasis2/file/aladdin_knowledge_systems_ltd_/hardlock_device_driver_for_windows_nt/hardlock_sys/24501

Associated with an alleged worm here: http://www.prevx.com/filenames/X3961266400541339988-X1/HARDLOCK.SYS.html

Any malware can be named anything - so you should check where the files of the running processes are located on your disk. If a “non-Microsoft” .exe file is located in the C:\Windows or C:\Windows\System32 folder, then there is a high risk for a virus, spyware, trojan or worm infection!
Heuristical find: http://heavenward.ru/removeany_search.php?s=4ef7.hardlock.sys

This is why it probably was flagged: First of all, there are two versions of hardlock.sys because they contain different packet crypt code. And both do it inside a virtual machine. The code of the VM and the p-code are obfuscated. The obfuscation there is probably heuristically flagged - so update to avast with this remark…

polonus

virustotal did not detect anything. It is a False Positive
https://www.virustotal.com/analisis/5f8f5f79ffd25c8717a501a34ed77833f67e48c08f1b641d9c9e56dff1fe8e34-1263884253
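
Added example, not part of the thread: one way to identify the flagged driver by path, hash, signer and service registration rather than by file name, as the replies above suggest. The function name `Get-DriverTriage` is hypothetical, and the script assumes the long hex string in the VirusTotal link above is the SHA-256 of the uploaded file.

```powershell
# Added example: triage a flagged driver by what it is, not what it is named.
# Run in an elevated PowerShell session on the affected machine.
$driverPath = Join-Path $env:SystemRoot 'System32\drivers\hardlock.sys'

# Assumption: hash segment of the VirusTotal URL posted in the thread
# (the part before the "-<timestamp>" suffix).
$reportedHash = '5f8f5f79ffd25c8717a501a34ed77833f67e48c08f1b641d9c9e56dff1fe8e34'

function Get-DriverTriage {
    param(
        [Parameter(Mandatory)][string]$Path,
        [string]$ExpectedSha256
    )

    if (-not (Test-Path -LiteralPath $Path)) {
        throw "File not found: $Path"
    }

    $file = Get-Item -LiteralPath $Path
    $hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash.ToLower()
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path

    # Kernel driver services whose image path ends in this file name.
    # PathName can carry \SystemRoot\ or \??\ prefixes, so match the leaf only.
    $services = Get-CimInstance Win32_SystemDriver |
        Where-Object { $_.PathName -like "*\$($file.Name)" }

    [pscustomobject]@{
        Path          = $file.FullName
        Company       = $file.VersionInfo.CompanyName   # self-declared, not proof
        FileVersion   = $file.VersionInfo.FileVersion
        Sha256        = $hash
        MatchesReport = if ($ExpectedSha256) { $hash -eq $ExpectedSha256.ToLower() } else { $null }
        SigStatus     = $sig.Status                      # Valid / NotSigned / HashMismatch ...
        Signer        = $sig.SignerCertificate.Subject
        Services      = ($services | ForEach-Object {
                            "$($_.Name) [$($_.State), $($_.StartMode)]"
                        }) -join '; '
    }
}

Get-DriverTriage -Path $driverPath -ExpectedSha256 $reportedHash | Format-List
```

If `MatchesReport` is `False`, the file on disk is not the one the linked scan report covers, so that report says nothing about it.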

Hi Samnetx,

Please submit to virus@avast.com
with compress file name : virus
password : virus

and give subject as : False Positive.

It’s a Behavior Shield detection.
Can you please post the contents of the file

c:\programdata\alwil software\avast5\log\arPot.log

??

Thanks
Vlk

What does the Behavior Shield popup look like? I’ve never seen one to date.

RejZoR: look at the screenshot somewhere in beta subforum… someone already posted it (yesterday) :wink:

Log file arPot.log attached here.
It shows that the hardlock.sys file is flagged as suspicious by avast5.0.366
File sent to avast for verification.