Suspicious drivers, is it a rootkit?

C:\Windows\System32\Drivers\dump_dumpata.sys
C:\Windows\System32\Drivers\dump_dumpfve.sys
C:\Windows\System32\Drivers\dump_msahci.sys

I was looking for an answer concerning these same drivers, which were shown in NirSoft DriverView.

According to the Driver Reference Table found at John Carrona's website (Microsoft MVP), http://www.carrona.org/dvrref.php:

dump_dumpata.sys

%SysDir%\Drivers\DUMP_DUMPATA.SYS is related to Microsoft Windows Vista.
DUMP_DUMPATA.SYS is a system driver for managing ATA devices. 

dump_dumpfve.sys

%SysDir%\Drivers\DUMP_DUMPFVE.SYS is related to Microsoft Windows Vista.
DUMP_DUMPFVE.SYS is a Full Volume Encryption Crashdump Hibernate Filter Driver.
DUMPFVE.SYS is a part of Microsoft® Windows® Vista Operating System. 

dump_msahci.sys

DUMP_MSAHCI.SYS is related to MS AHCI 1.0 Standard Driver.
DUMP_MSAHCI.SYS is a part of Microsoft® Windows® Operating System.
Manufacturer: Microsoft Corp.

It seems they are all related to dump files and legit, but I don't know for certain myself. It might be helpful to another.

Windows 7 SP1


No, you don't have a rootkit. This is what a freshly installed Win 7 SP1 looks like for me:

  • dump_dumpfve.sys is part of Win 7
  • dump_iaStor.sys is part of a driver I installed. Intel Storage something something

In your case additionally:

  • dump_msahci.sys has to do with AHCI driver.
  • dump_dumpata.sys has to do with PATA, otherwise known as Parallel ATA. I'd hazard a guess that the dum before pata in dumpata stands for dummy, but I dunno.

In short, no, you don't have a rootkit.