Adlice forum

Software feedback => RogueKiller => Topic started by: clix on August 27, 2015, 07:29:49 PM

Title: Report posted for help.
Post by: clix on August 27, 2015, 07:29:49 PM

Hi all, so I have the following report and would be thankful if someone could shed some light on whether the below items are malicious or not, thanks again.

¤¤¤ Antirootkit : 7 (Driver: Loaded) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x41e0926c3f000000

Title: Re: Report posted for help.
Post by: Curson on August 28, 2015, 01:17:38 AM

Hi clix,

Welcome to Adlice.com Forum.
These hooks are legit.

Regards.

Note : This thread has been moved to the "RogueKiller" section for clarity.