ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/12/06 11:35
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: PCI_PNP5752
Image Path: \Driver\PCI_PNP5752
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA789A000 Size: 49152 File Visible: No Signed: -
Status: -

Name: spej.sys
Image Path: spej.sys
Address: 0xF7471000 Size: 1048576 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "spej.sys" at address 0xf74720e0

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "spej.sys" at address 0xf7490ca2

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "spej.sys" at address 0xf7491030

#: 119 Function Name: NtOpenKey
Status: Hooked by "spej.sys" at address 0xf74720c0

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys" at address 0xa794ab4c

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys" at address 0xa794ac3a

#: 160 Function Name: NtQueryKey
Status: Hooked by "spej.sys" at address 0xf7491108

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "spej.sys" at address 0xf7490f88

#: 247 Function Name: NtSetValueKey
Status: Hooked by "spej.sys" at address 0xf749119a

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys" at address 0xa794aab0

==EOF==