SysProt AntiRootkit v1.0.1.0
by swatkat
******************************************************************************************
******************************************************************************************
No Hidden Processes found
******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \SystemRoot\System32\Drivers\dump_dumpata.sys
Service Name: ---
Module Base: 8D676000
Module End: 8D681000
Hidden: Yes
Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: 8D681000
Module End: 8D689000
Hidden: Yes
******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwCreateSection
Address: 8A3657DE
Driver Base: 0
Driver End: 0
Driver Name: _unknown_
Function Name: ZwRequestWaitReplyPort
Address: 8A3657E8
Driver Base: 0
Driver End: 0
Driver Name: _unknown_
Function Name: ZwSetContextThread
Address: 8A3657E3
Driver Base: 0
Driver End: 0
Driver Name: _unknown_
Function Name: ZwSetSecurityObject
Address: 8A3657ED
Driver Base: 0
Driver End: 0
Driver Name: _unknown_
Function Name: ZwSystemDebugControl
Address: 8A3657F2
Driver Base: 0
Driver End: 0
Driver Name: _unknown_
Function Name: ZwTerminateProcess
Address: 8D35D640
Driver Base: 8D353000
Driver End: 8D375000
Driver Name: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
******************************************************************************************
******************************************************************************************
No Kernel Hooks found
******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\History.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Music.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\SetPath.bat
Status: Access denied
Object: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\SysPath.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\VikPev00
Status: Access denied
Object: C:\Users\Dimitris\AppData\Roaming\SecuROM\UserData\
χ?πρ
??
Status: Hidden
Object: C:\Users\Dimitris\AppData\Roaming\SecuROM\UserData\
χ?πρ
??
Status: Hidden
Object: C:\Users\Dimitris\Desktop\ΣΟΦΙΑ\?anaooUoaeo Aei?ecoco-1.doc
Status: Hidden
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
Status: Access denied
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
Status: Access denied
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
Status: Access denied
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
Status: Access denied