ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:		2009/11/06 03:21
Program Version:		Version 1.3.5.0
Windows Version:		Windows Vista SP1
==================================================

Drivers
-------------------
Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x8F503000	Size: 778240	File Visible: No	Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0x9F7D8000	Size: 49152	File Visible: No	Signed: -
Status: -

Processes
-------------------
Path: System
PID: 4	Status: Locked to the Windows API!

Path: C:\Windows\System32\audiodg.exe
PID: 1204	Status: Locked to the Windows API!

SSDT
-------------------
#: 078	Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x9cd7d48c

#: 194	Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x9cd7d478

#: 201	Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x9cd7d47d

#: 334	Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x9cd7d487

==EOF==