I stumbled across this site after. I thought I would run root repeal and see if there were any remnant infections or malware on my system. Here is the log:
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/07/24 09:37
Program Version: Version 1.3.2.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: catchme.sys
Image Path: C:\DOCUME~1\Jerry\LOCALS~1\Temp\catchme.sys
Address: 0xBA350000 Size: 31744 File Visible: No Signed: -
Status: -
Name: Combo-Fix.sys
Image Path: Combo-Fix.sys
Address: 0xBA128000 Size: 60416 File Visible: No Signed: -
Status: -
Name: dump_CLASSPNP.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_CLASSPNP.SYS
Address: 0xB893B000 Size: 53248 File Visible: No Signed: -
Status: -
Name: dump_nvraid.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_nvraid.sys
Address: 0xB2026000 Size: 77824 File Visible: No Signed: -
Status: -
Name: PCI_PNP0720
Image Path: \Driver\PCI_PNP0720
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
Name: PROCEXP90.SYS
Image Path: C:\WINDOWS\system32\Drivers\PROCEXP90.SYS
Address: 0xBA66A000 Size: 6464 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB1578000 Size: 49152 File Visible: No Signed: -
Status: -
Name: spkh.sys
Image Path: spkh.sys
Address: 0xB9EA7000 Size: 1048576 File Visible: No Signed: -
Status: -
Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xba7f4fc6
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xba7f4fbc
#: 063 Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xba7f4fcb
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xba7f4fd5
#: 071 Function Name: NtEnumerateKey
Status: Hooked by "spkh.sys" at address 0xb9ec6ca2
#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "spkh.sys" at address 0xb9ec7030
#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xba7f4fda
#: 119 Function Name: NtOpenKey
Status: Hooked by "spkh.sys" at address 0xb9ea80c0
#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xba7f4fa8
#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xba7f4fad
#: 160 Function Name: NtQueryKey
Status: Hooked by "spkh.sys" at address 0xb9ec7108
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "spkh.sys" at address 0xb9ec6f88
#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xba7f4fe4
#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xba7f4fdf
#: 247 Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xba7f4fd0
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xba7f4fb7
==EOF==
Thanks.