question about RootRepeal scan



namsilat
10.09.2009, 02:06
I'd like to ask the support team about the following RootRepeal log from a scan for Stealth Objects. When Daemon Tools and SPTD.SYS are uninstalled from the system, these entries disappear. When I installed Daemon Tools again, these entries appeared again. Based on this, I believe those entries are associated with Daemon Tools. My concern is the unusual characters in the entries, which made me wonder about trojans/malware.

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_CREATE]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_CLOSE]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_READ]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_SHUTDOWN]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_CLEANUP]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_PNP]
Process: System Address: 0x86edc1f8 Size: 121
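
A small triage helper for a log like the one above, added here as an example and not part of the original post or of the scanner: it groups the reported handlers by readable driver name and target address, and prints the unreadable part of the name as code points. The entry layout is inferred from the log shown, and `split_name` and `summarize` are hypothetical helper names.

```python
import re
from collections import defaultdict

# Sample input: three of the entries from the log in the post above.
SAMPLE = """\
Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_CREATE]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_CLOSE]
Process: System Address: 0x86edc1f8 Size: 121

Object: Hidden Code [Driver: CdfsȀ෺䅓䍃B, IRP_MJ_READ]
Process: System Address: 0x86edc1f8 Size: 121
"""

# Entry layout inferred from the log above, not from the tool's documentation.
ENTRY = re.compile(
    r"Object: Hidden Code \[Driver: (?P<driver>.+?), (?P<irp>IRP_MJ_\w+)\]\s*\n"
    r"\s*Process: (?P<process>\S+) Address: (?P<addr>0x[0-9a-fA-F]+) "
    r"Size: (?P<size>\d+)"
)

def split_name(driver):
    """Return (leading printable-ASCII part, remaining characters)."""
    end = re.match(r"[\x20-\x7e]*", driver).end()
    return driver[:end], driver[end:]

def summarize(log_text):
    """Group hooked IRP handlers by (readable driver name, target address)."""
    groups = defaultdict(lambda: {"irps": [], "sizes": set(), "tails": set()})
    for m in ENTRY.finditer(log_text):
        name, tail = split_name(m["driver"])
        group = groups[(name, int(m["addr"], 16))]
        group["irps"].append(m["irp"])
        group["sizes"].add(int(m["size"]))
        if tail:
            group["tails"].add(tail)
    return dict(groups)

if __name__ == "__main__":
    for (name, addr), g in summarize(SAMPLE).items():
        print(f"{name}: {len(g['irps'])} handlers -> {addr:#010x}, "
              f"sizes {sorted(g['sizes'])}")
        for tail in g["tails"]:
            # Show the unreadable part as code points instead of glyphs.
            print("  non-ASCII tail:", " ".join(f"U+{ord(c):04X}" for c in tail))
```

Saving such a summary with Daemon Tools installed and again with it uninstalled gives two outputs that can be compared directly, which is the before/after check described in the post.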