CBL Driver Infection

Here's what RootRepeal came up with:

I believe hiberfil.sys is the culprit I'm looking for. It was the only .sys file identified even though it did not follow the common naming convention noted. Am I correct?

ROOTREPEAL © AD, 2007-2008


Scan Time: 2009/03/25 21:04

Program Version: Version

Windows Version: Windows XP Media Center Edition SP3


Hidden/Locked Files


Path: C:\hiberfil.sys

Status: Locked to the Windows API!

Path: C:\WINDOWS\Prefetch\MCAGENT.EXE-0AA61076.pf

Status: Size mismatch (API: 38460, Raw: 38472)

Path: C:\WINDOWS\system32\config\software.LOG

Status: Size mismatch (API: 24576, Raw: 1024)

This topic is now closed to further replies.