ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:		2010/11/02 14:03
Program Version:		Version 1.3.5.0
Windows Version:		Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_iaStor.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_iaStor.sys
Address: 0x9A3AE000	Size: 892928	File Visible: No	Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA5564000	Size: 49152	File Visible: No	Signed: -
Status: -

SSDT
-------------------
#: 041	Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0x9cdb224e

#: 053	Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x9cdb2244

#: 063	Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0x9cdb2253

#: 065	Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0x9cdb225d

#: 098	Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0x9cdb2262

#: 122	Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x9cdb2230

#: 128	Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x9cdb2235

#: 193	Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0x9cdb226c

#: 204	Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0x9cdb2267

#: 247	Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0x9cdb2258

==EOF==