Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Roguekiller detecting dumpfve.sys as a forged file?

  • Please log in to reply
1 reply to this topic

#1 Natyith


  • Members
  • 2 posts
  • Local time:12:15 AM

Posted 29 November 2016 - 09:08 PM


Decided to run Roguekiller. As far as I know I haven't been infected by anything, but I tend to run roguekiller+malwarebytes regularly just to be safe, in addition to having Avast and ublock origin.

The scan from Roguekiller detected windows\system32\drivers\dumpfve.sys as a 'forged' file. I tried scanning it with other programs, and also virustotal.com and it came up as safe. The file was created and last accessed on July 16th this year.

Is this a false positive? Is it even safe to delete?

I'm on Windows 10 Pro 64bit.


Mod Edit:  Sent PM requesting post of RogueKiller log - Hamluis.

Edited by hamluis, 29 November 2016 - 10:20 PM.

BC AdBot (Login to Remove)



#2 Natyith

  • Topic Starter

  • Members
  • 2 posts
  • Local time:12:15 AM

Posted 29 November 2016 - 10:27 PM

Here's the log file! I thought I attached it! Sorry. :)


As for the PUM's detected, all of them are confirmed to be deliberate modifications by myself.


Mod Edit:  No logs, moved topic to Am I Infected - Hamluis.

Edited by hamluis, 30 November 2016 - 06:33 AM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users