A forum for reverse engineering, OS internals and malware analysis 

Ask your beginner questions here.
 #2895  by stano
 Tue Sep 28, 2010 6:25 pm
Hello, I just ran a Windows scan with the anti-rootkit tools RootRepeal and RkUnhooker from this forum and got some results. I'm attaching the logs here; can someone explain more about them?

Sorry if this is the wrong section ;)
Attachments: invalid pe image found.png
 #4042  by EP_X0FF
 Fri Dec 17, 2010 10:40 am
Zero Access replaces the IRP handlers of the disk.sys system driver. There is no such thing in either report.
In the case of the topic starter's reports, it was the Alcohol/Daemon Tools SPTD driver.

Necropost removed, thread locked.