ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:		2012/07/06 15:29
Program Version:		Version 1.3.5.0
Windows Version:		Windows XP SP3
==================================================

Drivers
-------------------
Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF7444000	Size: 63744	File Visible: -	Signed: -
Status: Hidden from the Windows API!

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xBA058000	Size: 98304	File Visible: No	Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79B3000	Size: 8192	File Visible: No	Signed: -
Status: -

Name: Fastfat.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fastfat.SYS
Address: 0xB928C000	Size: 143744	File Visible: -	Signed: -
Status: Hidden from the Windows API!

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF79A5000	Size: 7936	File Visible: -	Signed: -
Status: Hidden from the Windows API!

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xBA0E8000	Size: 456320	File Visible: -	Signed: -
Status: Hidden from the Windows API!

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF7AE3000	Size: 574976	File Visible: -	Signed: -
Status: Hidden from the Windows API!

Name: PCI_NTPNP6518
Image Path: \Driver\PCI_NTPNP6518
Address: 0x00000000	Size: 0	File Visible: No	Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB91B4000	Size: 49152	File Visible: No	Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xBA230000	Size: 361600	File Visible: -	Signed: -
Status: Hidden from the Windows API!

Name: uxtdqpod.sys
Image Path: C:\DOCUME~1\SB\USTAWI~1\Temp\uxtdqpod.sys
Address: 0xB9061000	Size: 100864	File Visible: No	Signed: -
Status: -

SSDT
-------------------
#: 041	Function Name: NtCreateKey
Status: Hooked by "sptd.sys" at address 0xf74ed0d0

#: 071	Function Name: NtEnumerateKey
Status: Hooked by "sptd.sys" at address 0xf74f2fb2

#: 073	Function Name: NtEnumerateValueKey
Status: Hooked by "sptd.sys" at address 0xf74f3340

#: 119	Function Name: NtOpenKey
Status: Hooked by "sptd.sys" at address 0xf74ed0b0

#: 160	Function Name: NtQueryKey
Status: Hooked by "sptd.sys" at address 0xf74f3418

#: 177	Function Name: NtQueryValueKey
Status: Hooked by "sptd.sys" at address 0xf74f3298

#: 247	Function Name: NtSetValueKey
Status: Hooked by "sptd.sys" at address 0xf74f34aa

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System	Address: 0x8b13c1e8	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CREATE]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLOSE]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_READ]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_WRITE]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_INFORMATION]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_INFORMATION]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_EA]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_EA]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_FLUSH_BUFFERS]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_DIRECTORY_CONTROL]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SHUTDOWN]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_LOCK_CONTROL]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLEANUP]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_PNP]
Process: System	Address: 0x8a6ef790	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System	Address: 0x8af711e8	Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CREATE]
Process: System	Address: 0x890fc790	Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CLOSE]
Process: System	Address: 0x890fc790	Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_READ]
Process: System	Address: 0x890fc790	Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_WRITE]
Process: System	Address: 0x890fc790	Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x890fc790	Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System	Address: 0x890fc790	Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_POWER]
Process: System	Address: 0x890fc790	Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SYSTEM_CONTROL]
Process: System	Address: 0x890fc790	Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_PNP]
Process: System	Address: 0x890fc790	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System	Address: 0x8b0cc1e8	Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_CREATE]
Process: System	Address: 0x8af9e790	Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_CLOSE]
Process: System	Address: 0x8af9e790	Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8af9e790	Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System	Address: 0x8af9e790	Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_POWER]
Process: System	Address: 0x8af9e790	Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_SYSTEM_CONTROL]
Process: System	Address: 0x8af9e790	Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_PNP]
Process: System	Address: 0x8af9e790	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System	Address: 0x8b13e1e8	Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System	Address: 0x8a7421e8	Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System	Address: 0x8a7421e8	Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8a7421e8	Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System	Address: 0x8a7421e8	Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System	Address: 0x8a7421e8	Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System	Address: 0x8a7421e8	Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System	Address: 0x8b0551e8	Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System	Address: 0x8b0551e8	Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8b0551e8	Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System	Address: 0x8b0551e8	Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System	Address: 0x8b0551e8	Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System	Address: 0x8b0551e8	Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System	Address: 0x8b0551e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System	Address: 0x8a73f1e8	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_CREATE]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_CLOSE]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_READ]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_QUERY_INFORMATION]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_SET_INFORMATION]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_DIRECTORY_CONTROL]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_DEVICE_CONTROL]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_SHUTDOWN]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_LOCK_CONTROL]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_CLEANUP]
Process: System	Address: 0x8a6f4790	Size: 121

Object: Hidden Code [Driver: Cdfs؅ᨀଐ亐؂ఈ浗灩, IRP_MJ_PNP]
Process: System	Address: 0x8a6f4790	Size: 121

==EOF==