ROOTREPEAL (c) AD, 2007-2009 ================================================== Scan Start Time: 2010/10/11 15:13 Program Version: Version 1.3.5.0 Windows Version: Windows XP SP2 ================================================== Drivers ------------------- Name: 1394BUS.SYS Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS Address: 0xF75FC000 Size: 53248 File Visible: - Signed: - Status: - Name: ACPI.sys Image Path: ACPI.sys Address: 0xF74AC000 Size: 188672 File Visible: - Signed: - Status: - Name: ACPI_HAL Image Path: \Driver\ACPI_HAL Address: 0x804D7000 Size: 2058112 File Visible: - Signed: - Status: - Name: aec.sys Image Path: C:\WINDOWS\system32\drivers\aec.sys Address: 0xB1B70000 Size: 142464 File Visible: - Signed: - Status: - Name: Afc.sys Image Path: C:\WINDOWS\system32\drivers\Afc.sys Address: 0xF796C000 Size: 32768 File Visible: - Signed: - Status: - Name: afd.sys Image Path: C:\WINDOWS\System32\drivers\afd.sys Address: 0xB26FB000 Size: 138368 File Visible: - Signed: - Status: - Name: arp1394.sys Image Path: C:\WINDOWS\system32\DRIVERS\arp1394.sys Address: 0xF6BDB000 Size: 60800 File Visible: - Signed: - Status: - Name: ASAPIW2k.sys Image Path: C:\WINDOWS\system32\drivers\ASAPIW2k.sys Address: 0xF7974000 Size: 32768 File Visible: - Signed: - Status: - Name: atapi.sys Image Path: atapi.sys Address: 0xF7464000 Size: 95360 File Visible: - Signed: - Status: - Name: ati2cqag.dll Image Path: C:\WINDOWS\System32\ati2cqag.dll Address: 0xBF048000 Size: 229376 File Visible: - Signed: - Status: - Name: ati2dvag.dll Image Path: C:\WINDOWS\System32\ati2dvag.dll Address: 0xBF012000 Size: 221184 File Visible: - Signed: - Status: - Name: ati2mtag.sys Image Path: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys Address: 0xF6C52000 Size: 815104 File Visible: - Signed: - Status: - Name: ati3duag.dll Image Path: C:\WINDOWS\System32\ati3duag.dll Address: 0xBF080000 Size: 1892352 File Visible: - Signed: - Status: - Name: ativvaxx.dll Image Path: C:\WINDOWS\System32\ativvaxx.dll Address: 0xBF24E000 Size: 520192 File Visible: - Signed: - Status: - Name: ATMFD.DLL Image Path: C:\WINDOWS\System32\ATMFD.DLL Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: - Status: - Name: audstub.sys Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys Address: 0xF7C8B000 Size: 3072 File Visible: - Signed: - Status: - Name: Beep.SYS Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS Address: 0xF7B1E000 Size: 4224 File Visible: - Signed: - Status: - Name: BOOTVID.dll Image Path: C:\WINDOWS\system32\BOOTVID.dll Address: 0xF79EC000 Size: 12288 File Visible: - Signed: - Status: - Name: Cdfs.SYS Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS Address: 0xF6B9B000 Size: 63744 File Visible: - Signed: - Status: - Name: cdrom.sys Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys Address: 0xF781C000 Size: 49536 File Visible: - Signed: - Status: - Name: CLASSPNP.SYS Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS Address: 0xF763C000 Size: 53248 File Visible: - Signed: - Status: - Name: DgiVecp.sys Image Path: C:\WINDOWS\System32\Drivers\DgiVecp.sys Address: 0xB269B000 Size: 61440 File Visible: - Signed: - Status: - Name: disk.sys Image Path: disk.sys Address: 0xF762C000 Size: 36352 File Visible: - Signed: - Status: - Name: DMusic.sys Image Path: C:\WINDOWS\system32\drivers\DMusic.sys Address: 0xB1C80000 Size: 52864 File Visible: - Signed: - Status: - Name: drmk.sys Image Path: C:\WINDOWS\system32\drivers\drmk.sys Address: 0xF77DC000 Size: 61440 File Visible: - Signed: - Status: - Name: drmkaud.sys Image Path: C:\WINDOWS\system32\drivers\drmkaud.sys Address: 0xF7C8E000 Size: 2944 File Visible: - Signed: - Status: - Name: dump_atapi.sys Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xB255F000 Size: 98304 File Visible: No Signed: - Status: - Name: dump_WMILIB.SYS Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xF7B30000 Size: 8192 File Visible: No Signed: - Status: - Name: Dxapi.sys Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys Address: 0xF6A9C000 Size: 12288 File Visible: - Signed: - Status: - Name: dxg.sys Image Path: C:\WINDOWS\System32\drivers\dxg.sys Address: 0xBF000000 Size: 73728 File Visible: - Signed: - Status: - Name: dxgthk.sys Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys Address: 0xF7BD4000 Size: 4096 File Visible: - Signed: - Status: - Name: eamon.sys Image Path: C:\WINDOWS\system32\DRIVERS\eamon.sys Address: 0xB237B000 Size: 835584 File Visible: - Signed: - Status: - Name: ehdrv.sys Image Path: C:\WINDOWS\system32\DRIVERS\ehdrv.sys Address: 0xB27E3000 Size: 118784 File Visible: - Signed: - Status: - Name: epfw.sys Image Path: C:\WINDOWS\system32\DRIVERS\epfw.sys Address: 0xB2308000 Size: 143360 File Visible: - Signed: - Status: - Name: Epfwndis.sys Image Path: C:\WINDOWS\system32\DRIVERS\Epfwndis.sys Address: 0xF766C000 Size: 45056 File Visible: - Signed: - Status: - Name: epfwtdi.sys Image Path: C:\WINDOWS\system32\DRIVERS\epfwtdi.sys Address: 0xB2745000 Size: 77824 File Visible: - Signed: - Status: - Name: Fastfat.SYS Image Path: C:\WINDOWS\System32\Drivers\Fastfat.SYS Address: 0xB191B000 Size: 143360 File Visible: - Signed: - Status: - Name: fdc.sys Image Path: C:\WINDOWS\system32\DRIVERS\fdc.sys Address: 0xF7944000 Size: 27392 File Visible: - Signed: - Status: - Name: Fips.SYS Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS Address: 0xF77BC000 Size: 35072 File Visible: - Signed: - Status: - Name: flpydisk.sys Image Path: C:\WINDOWS\system32\DRIVERS\flpydisk.sys Address: 0xF79A4000 Size: 20480 File Visible: - Signed: - Status: - Name: fltmgr.sys Image Path: fltmgr.sys Address: 0xF7431000 Size: 124800 File Visible: - Signed: - Status: - Name: Fs_Rec.SYS Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS Address: 0xF7B1C000 Size: 7936 File Visible: - Signed: - Status: - Name: ftdisk.sys Image Path: ftdisk.sys Address: 0xF747C000 Size: 125568 File Visible: - Signed: - Status: - Name: gameenum.sys Image Path: C:\WINDOWS\system32\DRIVERS\gameenum.sys Address: 0xF7AA4000 Size: 10624 File Visible: - Signed: - Status: - Name: GEARAspiWDM.sys Image Path: C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys Address: 0xF7AB4000 Size: 9984 File Visible: - Signed: - Status: - Name: hal.dll Image Path: C:\WINDOWS\system32\hal.dll Address: 0x806CE000 Size: 131968 File Visible: - Signed: - Status: - Name: HTTP.sys Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys Address: 0xB174A000 Size: 263040 File Visible: - Signed: - Status: - Name: i8042prt.sys Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys Address: 0xF77EC000 Size: 53504 File Visible: - Signed: - Status: - Name: imapi.sys Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys Address: 0xF780C000 Size: 41856 File Visible: - Signed: - Status: - Name: ipnat.sys Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys Address: 0xB2577000 Size: 134912 File Visible: - Signed: - Status: - Name: ipsec.sys Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys Address: 0xB27B0000 Size: 74752 File Visible: - Signed: - Status: - Name: isapnp.sys Image Path: isapnp.sys Address: 0xF75DC000 Size: 36224 File Visible: - Signed: - Status: - Name: kbdclass.sys Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys Address: 0xF794C000 Size: 24960 File Visible: - Signed: - Status: - Name: KDCOM.DLL Image Path: C:\WINDOWS\system32\KDCOM.DLL Address: 0xF7ADC000 Size: 8192 File Visible: - Signed: - Status: - Name: kmixer.sys Image Path: C:\WINDOWS\system32\drivers\kmixer.sys Address: 0xB1B46000 Size: 171776 File Visible: - Signed: - Status: - Name: ks.sys Image Path: C:\WINDOWS\system32\drivers\ks.sys Address: 0xF6D7C000 Size: 143360 File Visible: - Signed: - Status: - Name: KSecDD.sys Image Path: KSecDD.sys Address: 0xF7408000 Size: 92544 File Visible: - Signed: - Status: - Name: MarvinBus.sys Image Path: C:\WINDOWS\system32\DRIVERS\MarvinBus.sys Address: 0xF6AB0000 Size: 188416 File Visible: - Signed: - Status: - Name: mnmdd.SYS Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS Address: 0xF7B2A000 Size: 4224 File Visible: - Signed: - Status: - Name: mouclass.sys Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys Address: 0xF7954000 Size: 23296 File Visible: - Signed: - Status: - Name: MountMgr.sys Image Path: MountMgr.sys Address: 0xF760C000 Size: 42240 File Visible: - Signed: - Status: - Name: mrxdav.sys Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys Address: 0xB20D3000 Size: 181248 File Visible: - Signed: - Status: - Name: mrxsmb.sys Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys Address: 0xB2598000 Size: 451456 File Visible: - Signed: - Status: - Name: Msfs.SYS Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS Address: 0xF79C4000 Size: 19072 File Visible: - Signed: - Status: - Name: msgpc.sys Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys Address: 0xF76AC000 Size: 35072 File Visible: - Signed: - Status: - Name: msmpu401.sys Image Path: C:\WINDOWS\system32\drivers\msmpu401.sys Address: 0xF7C7D000 Size: 2944 File Visible: - Signed: - Status: - Name: mssmbios.sys Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys Address: 0xF7AD0000 Size: 15488 File Visible: - Signed: - Status: - Name: Mup.sys Image Path: Mup.sys Address: 0xF7333000 Size: 107904 File Visible: - Signed: - Status: - Name: NDIS.sys Image Path: NDIS.sys Address: 0xF734E000 Size: 182912 File Visible: - Signed: - Status: - Name: ndistapi.sys Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys Address: 0xF7ABC000 Size: 9600 File Visible: - Signed: - Status: - Name: ndisuio.sys Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys Address: 0xB2367000 Size: 12928 File Visible: - Signed: - Status: - Name: ndiswan.sys Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys Address: 0xF6BEB000 Size: 91776 File Visible: - Signed: - Status: - Name: NDProxy.SYS Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS Address: 0xF76EC000 Size: 38016 File Visible: - Signed: - Status: - Name: netbios.sys Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys Address: 0xF779C000 Size: 34560 File Visible: - Signed: - Status: - Name: netbt.sys Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys Address: 0xB271D000 Size: 162816 File Visible: - Signed: - Status: - Name: nic1394.sys Image Path: C:\WINDOWS\system32\DRIVERS\nic1394.sys Address: 0xF783C000 Size: 61824 File Visible: - Signed: - Status: - Name: Npfs.SYS Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS Address: 0xF79CC000 Size: 30848 File Visible: - Signed: - Status: - Name: Ntfs.sys Image Path: Ntfs.sys Address: 0xF737B000 Size: 574592 File Visible: - Signed: - Status: - Name: ntkrnlpa.exe Image Path: C:\WINDOWS\system32\ntkrnlpa.exe Address: 0x804D7000 Size: 2058112 File Visible: - Signed: - Status: - Name: Null.SYS Image Path: C:\WINDOWS\System32\Drivers\Null.SYS Address: 0xF7C41000 Size: 2944 File Visible: - Signed: - Status: - Name: nv_agp.sys Image Path: nv_agp.sys Address: 0xF786C000 Size: 21120 File Visible: - Signed: - Status: - Name: nvatabus.sys Image Path: nvatabus.sys Address: 0xF7450000 Size: 79360 File Visible: - Signed: - Status: - Name: NVENETFD.sys Image Path: C:\WINDOWS\system32\DRIVERS\NVENETFD.sys Address: 0xF775C000 Size: 33024 File Visible: - Signed: - Status: - Name: nvnetbus.sys Image Path: C:\WINDOWS\system32\DRIVERS\nvnetbus.sys Address: 0xF7AAC000 Size: 12928 File Visible: - Signed: - Status: - Name: NVNRM.SYS Image Path: C:\WINDOWS\system32\DRIVERS\NVNRM.SYS Address: 0xF77FC000 Size: 61440 File Visible: - Signed: - Status: - Name: NVSNPU.SYS Image Path: C:\WINDOWS\system32\DRIVERS\NVSNPU.SYS Address: 0xF6D19000 Size: 192512 File Visible: - Signed: - Status: - Name: ohci1394.sys Image Path: ohci1394.sys Address: 0xF75EC000 Size: 61056 File Visible: - Signed: - Status: - Name: parport.sys Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys Address: 0xF6DC3000 Size: 80256 File Visible: - Signed: - Status: - Name: PartMgr.sys Image Path: PartMgr.sys Address: 0xF7864000 Size: 18688 File Visible: - Signed: - Status: - Name: ParVdm.SYS Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS Address: 0xF7B16000 Size: 6912 File Visible: - Signed: - Status: - Name: pci.sys Image Path: pci.sys Address: 0xF749B000 Size: 68608 File Visible: - Signed: - Status: - Name: pciide.sys Image Path: pciide.sys Address: 0xF7BA4000 Size: 3456 File Visible: - Signed: - Status: - Name: PCIIDEX.SYS Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS Address: 0xF785C000 Size: 28672 File Visible: - Signed: - Status: - Name: pclepci.sys Image Path: C:\WINDOWS\system32\drivers\pclepci.sys Address: 0xF6B2E000 Size: 14112 File Visible: - Signed: - Status: - Name: pfc.sys Image Path: C:\WINDOWS\system32\drivers\pfc.sys Address: 0xF7AB0000 Size: 10368 File Visible: - Signed: - Status: - Name: PnpManager Image Path: \Driver\PnpManager Address: 0x804D7000 Size: 2058112 File Visible: - Signed: - Status: - Name: portcls.sys Image Path: C:\WINDOWS\system32\drivers\portcls.sys Address: 0xF6D9F000 Size: 147456 File Visible: - Signed: - Status: - Name: processr.sys Image Path: C:\WINDOWS\system32\DRIVERS\processr.sys Address: 0xF784C000 Size: 39552 File Visible: - Signed: - Status: - Name: psched.sys Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys Address: 0xF6B3A000 Size: 69120 File Visible: - Signed: - Status: - Name: ptilink.sys Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys Address: 0xF7984000 Size: 17792 File Visible: - Signed: - Status: - Name: rasacd.sys Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys Address: 0xF7A9C000 Size: 8832 File Visible: - Signed: - Status: - Name: rasl2tp.sys Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys Address: 0xF767C000 Size: 51328 File Visible: - Signed: - Status: - Name: raspppoe.sys Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys Address: 0xF768C000 Size: 41472 File Visible: - Signed: - Status: - Name: raspptp.sys Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys Address: 0xF769C000 Size: 48384 File Visible: - Signed: - Status: - Name: raspti.sys Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys Address: 0xF798C000 Size: 16512 File Visible: - Signed: - Status: - Name: RAW Image Path: \FileSystem\RAW Address: 0x804D7000 Size: 2058112 File Visible: - Signed: - Status: - Name: rdbss.sys Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys Address: 0xB262F000 Size: 176512 File Visible: - Signed: - Status: - Name: RDPCDD.sys Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Address: 0xF7B2C000 Size: 4224 File Visible: - Signed: - Status: - Name: redbook.sys Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys Address: 0xF782C000 Size: 58624 File Visible: - Signed: - Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xB1682000 Size: 49152 File Visible: No Signed: - Status: - Name: serenum.sys Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys Address: 0xF7AA8000 Size: 15488 File Visible: - Signed: - Status: - Name: serial.sys Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys Address: 0xF6D6B000 Size: 65664 File Visible: - Signed: - Status: - Name: splitter.sys Image Path: C:\WINDOWS\system32\drivers\splitter.sys Address: 0xF7AE4000 Size: 6400 File Visible: - Signed: - Status: - Name: sr.sys Image Path: sr.sys Address: 0xF741F000 Size: 73472 File Visible: - Signed: - Status: - Name: srv.sys Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys Address: 0xB1F68000 Size: 336256 File Visible: - Signed: - Status: - Name: swenum.sys Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys Address: 0xF7B06000 Size: 4352 File Visible: - Signed: - Status: - Name: swmidi.sys Image Path: C:\WINDOWS\system32\drivers\swmidi.sys Address: 0xB1ED8000 Size: 54272 File Visible: - Signed: - Status: - Name: sysaudio.sys Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys Address: 0xB1EF8000 Size: 60800 File Visible: - Signed: - Status: - Name: tcpip.sys Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys Address: 0xB2758000 Size: 360320 File Visible: - Signed: - Status: - Name: TDI.SYS Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS Address: 0xF797C000 Size: 20480 File Visible: - Signed: - Status: - Name: termdd.sys Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys Address: 0xF76DC000 Size: 40704 File Visible: - Signed: - Status: - Name: update.sys Image Path: C:\WINDOWS\system32\DRIVERS\update.sys Address: 0xF6ADE000 Size: 209408 File Visible: - Signed: - Status: - Name: USBD.SYS Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS Address: 0xF7B1A000 Size: 8192 File Visible: - Signed: - Status: - Name: usbehci.sys Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys Address: 0xF7964000 Size: 26624 File Visible: - Signed: - Status: - Name: usbhub.sys Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys Address: 0xF772C000 Size: 57600 File Visible: - Signed: - Status: - Name: usbohci.sys Image Path: C:\WINDOWS\system32\DRIVERS\usbohci.sys Address: 0xF795C000 Size: 17024 File Visible: - Signed: - Status: - Name: USBPORT.SYS Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS Address: 0xF6D48000 Size: 143360 File Visible: - Signed: - Status: - Name: USBSTOR.SYS Image Path: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS Address: 0xF7994000 Size: 26496 File Visible: - Signed: - Status: - Name: vga.sys Image Path: C:\WINDOWS\System32\drivers\vga.sys Address: 0xF79BC000 Size: 20992 File Visible: - Signed: - Status: - Name: VIDEOPRT.SYS Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS Address: 0xF6C3E000 Size: 81920 File Visible: - Signed: - Status: - Name: VolSnap.sys Image Path: VolSnap.sys Address: 0xF761C000 Size: 52864 File Visible: - Signed: - Status: - Name: wanarp.sys Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys Address: 0xF77CC000 Size: 34560 File Visible: - Signed: - Status: - Name: watchdog.sys Image Path: C:\WINDOWS\System32\watchdog.sys Address: 0xF789C000 Size: 20480 File Visible: - Signed: - Status: - Name: wdmaud.sys Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys Address: 0xB1B93000 Size: 82944 File Visible: - Signed: - Status: - Name: Win32k Image Path: \Driver\Win32k Address: 0xBF800000 Size: 1839104 File Visible: - Signed: - Status: - Name: win32k.sys Image Path: C:\WINDOWS\System32\win32k.sys Address: 0xBF800000 Size: 1839104 File Visible: - Signed: - Status: - Name: WMILIB.SYS Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS Address: 0xF7ADE000 Size: 8192 File Visible: - Signed: - Status: - Name: WMIxWDM Image Path: \Driver\WMIxWDM Address: 0x804D7000 Size: 2058112 File Visible: - Signed: - Status: -