Author Topic: Report posted for help.  (Read 3908 times)

August 27, 2015, 07:29:49 PM

clix

Report posted for help.
« on: August 27, 2015, 07:29:49 PM »
Hi all, so I have the following report and would be thankful if someone could shed some light on whether the below items are malicious or not, thanks again.

¤¤¤ Antirootkit : 7 (Driver: Loaded) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x41e0926c3f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x41e0926c3f000000

Reply #1 August 28, 2015, 01:17:38 AM

Curson

  • Global Moderator
Re: Report posted for help.
« Reply #1 on: August 28, 2015, 01:17:38 AM »
Hi clix,

Welcome to Adlice.com Forum.
These hooks are legit.

Regards.

Note: This thread has been moved to the "RogueKiller" section for clarity.