 -   ..  
"Rootkits, Spyware/Adware, Keyloggers & Backdoors:   "

 Source
     ,   .  
     .    
 ,      
      ( 
      
).

  Rootkit
     ,    
   .
  - ROOTKIT1 -    UserMode-, 
            
     .    LoadLibrary  
    GetProcAddress       . 
       .
  - ROOTKIT2 -   UserMode-,    
    .       ROOTKIT1.   
    rootkit_lib      C.
  - ROOTKIT3 -    UserMode-, 
            
     .       
       FindNextFile     
    .
  - ROOTKIT4 -    UserMode-, 
          
     .      
       MessageBox (  
    "!"    ).
  - RKKM1 -   KernelMode-,   
            KiST.   
          ,     
    "rootkit".
  - RKKM1a -     RKKM1  ,  
        (   -    
    "rootkit"   ).
  - RKKM2 -   KernelMode-,   
             
     .
  - RKKM3 -   ,    EPROCESS 
      .
  - RKKM4 -       ,   
         .
  - UserMode_DKOM -       PEB  
        .   C  
        C
    RKKM1-RKKM4   Release   
  .

  Keylogger
     ,     
   .
  - KD1 -     .    
      :    (key.dpr)  , 
            
    .
  - KD2 -  ,     
    .
  - KD3 -  ,   -  UserMode. 
     kd3.dpr      
        CreateRemoteThread.   (key_rk.dpr)  
       key_rk.dll,      
       c:\keylog.txt.
  - KD4 -    ,     
    (  -).
  - KD5 -  ,   -  KernelMode. 
     Loader     , 
      ,  /   
    .   Release   .
  - ClipbrdMon1 -  ,        
     .
  - ClipbrdMon2 -  ,      
         ,    
       .

  Malware
        ,  
  , TrojanDownloader.
  - FileLock1 -        
          .
  - TrojanDLL1 -    DLL    .
  - TrojanDLL2 -    DLL   
    .
  - SNIFFER -      RAW SOCKET.

 Info
    ,       
  .
    w2k3_sp1_eprocess.txt, w2k3_sp1_peb.txt -  EPROCESS  PEB, 
          Dbgview  Windows 2003 SP1.
    xp_sp2_eprocess.txt, xp_sp2_peb.txt -  EPROCESS  PEB, 
          Dbgview  Windows XP SP2.

 AVZ
     AVZ,    -
       , AdWare/SpyWare   
   .         
    -.

