bytecode77 / r77-rootkit

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
https://bytecode77.com/r77-rootkit
BSD 2-Clause "Simplified" License
1.59k stars, 389 forks

CRITICAL PROCESS BSOD #6

Closed enverpasha closed 3 years ago

enverpasha commented 3 years ago

When I install install service 64, this screen appears. Why?

bytecode77 commented 3 years ago

There is a similar issue reported a few days ago. Can you tell from the EventViewer which process was injected with the rootkit that caused the crash? Winlogon may show up in EventViewer, because it initialized the shutdown. But what's the first process that crashed? Can you show the first EventViewer log?

enverpasha commented 3 years ago

EventViewer: Kernel Power Problem

DUMPSTACK RESULTS:

DumpStack.log

bytecode77 commented 3 years ago

This issue is fixed in 1.0.1. It was also reported in issue #5. Please feel free to re-open the issue if it hasn't been resolved in your testing environment.