THE HAL AREA

Unknown SSDT entries within the hal area, may be the result of a security app.

http://i3.tinypic.com/2rho5z8.png


Normally the table only goes until 283 as far as I remember.

GMer shows it this way:

SSDT 800D7000 SSDT[284]
SSDT 800D7000 SSDT[285]
SSDT 800D7000 SSDT[286]
SSDT C00D7040 SSDT[287]
SSDT C554B150 SSDT[288]
SSDT 800DB44B SSDT[289]
SSDT 800E3021 SSDT[290]
SSDT 80280000 SSDT[291]
SSDT 800E3200 SSDT[292]
SSDT 80265E00 SSDT[293]
SSDT 800D7000 SSDT[294]
SSDT 800D7000 SSDT[295]
SSDT 800D7000 SSDT[296]

 

Probably Kaspersky added them when owned your SSDT.

 

Hello,
If you wanna crash HAL, install a driver in runlevel 1, that'll show it.
Restart desktop and HAL will pop with an error: cannot initialize HAL.
Mrk

 

Make an example.

 

Hello,

sudo telinit 1
cd drivers
sudo sh driver_example.run > will warn about installation in runlevel 1
sudo /etc/init.d/xdm start

X Server will come with HAL error not initializing - no HAL.

Mrk

 

Maybe.

 

HAL AREA PART 2 This something is beyond process list, beyond sdt, beyond hal.. if this is no false positive then this may a bad thing but probably it is a fp from ice sword.

http://i18.tinypic.com/49i9h8k.png

 

I would like to say you that you found bug in IceSword.

 

hehe, I think so.. maybe IceSword detect itself.. beside EP_X0FF your tool icie is cruel to icesword is there any other possibility to stop the frozen icesword except rebooting?

 

hehe, no