Quantcast
PC World
Search
Browse by Topic
Subscribe

Magazine

Subscribe & Get
a Bonus CD

Customer Service

You are not logged in, click here to log in.
Up to Discussions in Answer Line

This Question is Possibly Answered

1 "correct" answer available (4 pts) 2 "helpful" answers available (2 pts)
1 Replies Last post: May 10, 2008 10:53 AM by SpiritWind  
Click to view 2dmaxf's profile New Member
2dmaxf
8 posts since
Dec 8, 2007
Reply

May 9, 2008 12:07 PM

Rootkit Found After Using Rootkit Detective

Rootkit detective found an interesting object in my computer. It reads as follows:
object type: SSDT-hook
object name: ZwDeviceIoControlFile
object path: c:\windows\system32\drivers\ipvmon.sys
Can anyone tell me what this is, and what it does? Internet provider virtual monitor?
Reply
Click to view SpiritWind's profile Enthusiast
SpiritWind
1,060 posts since
Aug 19, 2006
1. May 10, 2008 10:53 AM in response to: 2dmaxf
Re: Rootkit Found After Using Rootkit Detective

http://forums.pcworld.com/images/emoticons/grin.gif Hi :


After doing some "Searching" on "Google", the best I could find out is the "Rootkit Detective"

is a BETA ( "Experimental ) program being developed by McAfee . No "jpvmon.sys" exists .

When it comes to possible rootkit "detection", Best to Start with the "Granddaddy" of them

all, the FREE "Rootkit Revealer" from

http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx .

The One time I saw "SSDT-hook" discussed on the McAfee Support Forums, the McAfee

person encouraged the person to seek Help on a "Specialty" Malware-fighting

Support Forum ( July of 2007 ) .

For the BEST in what COUNTS in LIFE : http://www.tacf.org
Reply

Actions