Announcement

Collapse
No announcement yet.

question about Rootpeal scan

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • question about Rootpeal scan

    I like to ask the support team about the following Rootpeal log from scan for Stealth Objects. When Daemon Tools and SPTD.SYS are uninstalled from the system, these entries disappeared. When I installed Daemon Tools again, these entries appeared again. Based on this, I believe those entires are associated with Daemon Tools. My concern is those unusual characters in the entries, made me wondered about trojans/malwares.

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_CREATE]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_CLOSE]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_READ]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_QUERY_INFORMATION]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_SET_INFORMATION]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_QUERY_VOLUME_INFORMATION]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_DIRECTORY_CONTROL]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_FILE_SYSTEM_CONTROL]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_DEVICE_CONTROL]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_SHUTDOWN]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_LOCK_CONTROL]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_CLEANUP]
    Process: System Address: 0x86edc1f8 Size: 121

    Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_PNP]
    Process: System Address: 0x86edc1f8 Size: 121
Working...
X