Driver IO Handler Hooks Window

The Driver IO Handler Hooks window provides information on hooks placed on drivers' IRP and FastIO request handlers.

The following data is displayed: the hooked driver, the name of the hooked handler, the current memory address of the handler, and the name of the module that installed the hook.
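One way the data listed above can be derived, shown as an added example that is not Vba32 AntiRootkit's own code: a user-mode model that checks each handler address against the loaded-module ranges and reports the owner when it lies outside the driver's image. The module list, addresses and the name example.sys are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed model of a loaded kernel module: name plus image range. */
typedef struct { const char *name; uint64_t base, size; } module_t;
/* One report row: hooked driver, handler name, owning module, address. */
typedef struct { const char *driver, *handler, *owner; uint64_t addr; } hook_row_t;

/* Return the module whose image contains addr, or NULL if none does. */
static const module_t *owner_of(const module_t *m, size_t n, uint64_t addr) {
    for (size_t i = 0; i < n; i++)
        if (addr >= m[i].base && addr - m[i].base < m[i].size) return &m[i];
    return NULL;
}

/* Flag every handler that points outside the driver's own image. Entries
 * owned by the kernel are skipped: unset IRP slots point to a kernel stub. */
size_t find_hooks(const module_t *mods, size_t nmods, const module_t *drv,
                  const module_t *kernel, const char *const *names,
                  const uint64_t *table, size_t nent, hook_row_t *out, size_t cap) {
    size_t found = 0;
    for (size_t i = 0; i < nent && found < cap; i++) {
        const module_t *o = owner_of(mods, nmods, table[i]);
        if (o == drv || o == kernel) continue;
        out[found].driver = drv->name;
        out[found].handler = names[i];
        out[found].addr = table[i];
        out[found].owner = o ? o->name : "<unknown memory>";
        found++;
    }
    return found;
}
/* Constructed sample: module list and a snapshot of one dispatch table. */
static const module_t MODS[] = {
    { "ntoskrnl.exe", 0xFFFFF80000000000ULL, 0x800000 },
    { "disk.sys",     0xFFFFF80001000000ULL, 0x20000  },
    { "example.sys",  0xFFFFF80002000000ULL, 0x8000   },  /* hypothetical */
};
static const char *const NAMES[] = { "IRP_MJ_CREATE", "IRP_MJ_READ",
    "IRP_MJ_WRITE", "IRP_MJ_DEVICE_CONTROL", "IRP_MJ_PNP" };
static const uint64_t TABLE[] = {
    0xFFFFF80001001000ULL,  /* inside disk.sys: clean */
    0xFFFFF80002000400ULL,  /* inside example.sys: hooked */
    0xFFFFF80001001800ULL,  /* inside disk.sys: clean */
    0xFFFFF80000123450ULL,  /* kernel default stub: clean */
    0xFFFFFA8003C00010ULL,  /* no module owns it: hooked */
};
size_t scan_sample(hook_row_t *out, size_t cap) {
    return find_hooks(MODS, 3, &MODS[1], &MODS[0], NAMES, TABLE, 5, out, cap);
}
```

A handler address that no loaded module owns is still reported, since it may point into memory allocated by a hidden driver. Miniport drivers whose handlers legitimately live in a port or class driver would need an allowlist on top of this check.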

Examples of Detecting Hooks Installed by Some Rootkits

Rootkit.Win32.Agent.hxk

[Screenshot: Driver IO Handler Hooks window]

Rootkit.Win32.Agent.gvv

[Screenshot: Driver IO Handler Hooks window]
