Jump to content

Possible FP atikmdag.sys.bak


Recommended Posts

  • 3 weeks later...

Ok Malwarebytes Antirootkit comes up with this as a possible threat. Just to be clear is this indeed a Trojan/Virus? Or is it that you guys were looking into it? I found the link when I googled that and MB ARK  The mbar-log is posted below for reference.

Please Advise )

M,

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.26.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
NikDim :: HPNIKTOP [administrator]

12/26/2013 09:19:36
mbar-log-2013-12-26 (09-19-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 235183
Time elapsed: 13 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\WINDOWS\SYSTEM32\drivers\atikmdag.sys.bak (Unknown.Rootkit.Driver) -> No action taken.

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

Link to post
Share on other sites

That isn't really a false positive it's a forged file which means there's a difference between the file when read from low level and windows api.

You can remove it because it's not loaded anyway as it's a .bak file

The correct one is \systemroot\system32\drivers\atikmdag.sys

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.