This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

hidden File - SAVRKBootTasks.sys

Hi, i have just run Sophos Anti-Root kit on my Windows 7 Professional Notebook. It has found the following Unknown hidden file:

C:\Windows\System32\SAVRKBootTasks.sys

I have googled and can't find anything useful. I don't beleive it is a Windows file. It is hidden, I have show hidden files enabled and can't seam to access, even from the command line, e.g. trying to copy to another location. Windows states the file doesn't exist.

Can't anyone help identify what this file is?

Regards

Matt

This thread was automatically locked due to age.

0 QC over 14 years ago

Hello Matt,

was this the initial (and only) run of the Anti-Rootkit?

SAVRKBootTasks.sys (actually the name all lowercase) is in the Sophos Anti-Rootkit folder. I can imagine it is copied to the system32 directory when a cleanup is needed and requested. This doesn't explain why it is detected though. Sadly I have fortunately no rootkits available with which I could test the behaviour.

Does it still turn up after a reboot and a new scan?

Christian
:5235
Cancel
Vote Up 0 Vote Down

Cancel