ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2011/01/03 22:03
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xAA251000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8A28000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA9727000 Size: 49152 File Visible: No Signed: -
Status: -

Name: sb8kxvw8.sys
Image Path: C:\WINDOWS\system32\drivers\sb8kxvw8.sys
Address: 0xA92E7000 Size: 81920 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "Lbd.sys" at address 0xf854287e

#: 247 Function Name: NtSetValueKey
Status: Hooked by "Lbd.sys" at address 0xf8542bfe

==EOF==