Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Roguekiller detecting dumpfve.sys as a forged file?


  • Please log in to reply
1 reply to this topic

#1 Natyith

Natyith

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:34 PM

Posted 29 November 2016 - 09:08 PM

Hi-

Decided to run Roguekiller. As far as I know I haven't been infected by anything, but I tend to run roguekiller+malwarebytes regularly just to be safe, in addition to having Avast and ublock origin.

The scan from Roguekiller detected windows\system32\drivers\dumpfve.sys as a 'forged' file. I tried scanning it with other programs, and also virustotal.com and it came up as safe. The file was created and last accessed on July 16th this year.

Is this a false positive? Is it even safe to delete?

I'm on Windows 10 Pro 64bit.

 

Mod Edit:  Sent PM requesting post of RogueKiller log - Hamluis.


Edited by hamluis, 29 November 2016 - 10:20 PM.


BC AdBot (Login to Remove)

 


#2 Natyith

Natyith
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:34 PM

Posted 29 November 2016 - 10:27 PM

Here's the log file! I thought I attached it! Sorry. :)

 

As for the PUM's detected, all of them are confirmed to be deliberate modifications by myself.

 

Mod Edit:  No logs, moved topic to Am I Infected - Hamluis.


Edited by hamluis, 30 November 2016 - 06:33 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users