Dave,
I did not create that folder. I don't even know what it is, or how or where to create it.
This morning when I started the computer, my monitors wouldn't show any activity, not even the mouse, like they weren't connected. I had to reboot and then started working. Would I be having trouble with my video card?
I really appreciate all the help you're giving me! Thanks
SysProt AntiRootkit v1.0.1.0
by swatkat
******************************************************************************************
******************************************************************************************
No Hidden Processes found
******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \SystemRoot\System32\Drivers\dump_iaStor.sys
Service Name: ---
Module Base: B465B000
Module End: B4712000
Hidden: Yes
******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwAddBootEntry
Address: B47D7610
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwAllocateVirtualMemory
Address: B48B35FA
Driver Base: B48A6000
Driver End: B48FE000
Driver Name: \SystemRoot\System32\Drivers\aswSP.SYS
Function Name: ZwAssignProcessToJobObject
Address: B47D80E6
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwClose
Address: B481BB36
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwCreateEvent
Address: B47E3F18
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwCreateEventPair
Address: B47E3F64
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwCreateIoCompletion
Address: B47E40FE
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwCreateKey
Address: B481B4EA
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwCreateMutant
Address: B47E3E86
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwCreateSection
Address: B47E3FA8
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwCreateSemaphore
Address: B47E3ECE
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwCreateThread
Address: B47D85E4
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwCreateTimer
Address: B47E40B8
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwDebugActiveProcess
Address: B47D8E9C
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwDeleteBootEntry
Address: B47D7676
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwDeleteKey
Address: B481C1FC
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwDeleteValueKey
Address: B481C4B2
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwDuplicateObject
Address: B47DC596
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwEnumerateKey
Address: B481C067
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwEnumerateValueKey
Address: B481BED2
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwFreeVirtualMemory
Address: B48B36C2
Driver Base: B48A6000
Driver End: B48FE000
Driver Name: \SystemRoot\System32\Drivers\aswSP.SYS
Function Name: ZwLoadDriver
Address: B47D725E
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwModifyBootEntry
Address: B47D76DC
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwNotifyChangeKey
Address: B47DC98C
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwNotifyChangeMultipleKeys
Address: B47D992C
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenEvent
Address: B47E3F42
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenEventPair
Address: B47E3F86
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenIoCompletion
Address: B47E4122
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenKey
Address: B481B846
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenMutant
Address: B47E3EAC
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenProcess
Address: B47DBE78
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenSection
Address: B47E4036
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenSemaphore
Address: B47E3EF6
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenThread
Address: B47DC26E
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwOpenTimer
Address: B47E40DC
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwProtectVirtualMemory
Address: B48B3822
Driver Base: B48A6000
Driver End: B48FE000
Driver Name: \SystemRoot\System32\Drivers\aswSP.SYS
Function Name: ZwQueryKey
Address: B481BD4D
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwQueryObject
Address: B47D97F8
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwQueryValueKey
Address: B481BB9F
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwQueueApcThread
Address: B47D934E
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwRenameKey
Address: B48C0744
Driver Base: B48A6000
Driver End: B48FE000
Driver Name: \SystemRoot\System32\Drivers\aswSP.SYS
Function Name: ZwRestoreKey
Address: B481AB30
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwSetBootEntryOrder
Address: B47D7742
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwSetBootOptions
Address: B47D77A8
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwSetContextThread
Address: B47D8D16
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwSetSystemInformation
Address: B47D72F8
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwSetSystemPowerState
Address: B47D74CE
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwSetValueKey
Address: B481C303
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwShutdownSystem
Address: B47D745C
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwSuspendProcess
Address: B47D9066
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwSuspendThread
Address: B47D91C8
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwSystemDebugControl
Address: B47D7556
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwTerminateProcess
Address: B47D8B54
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwTerminateThread
Address: B47D8CF6
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwUnloadDriver
Address: B48B1C42
Driver Base: B48A6000
Driver End: B48FE000
Driver Name: \SystemRoot\System32\Drivers\aswSP.SYS
Function Name: ZwVdmControl
Address: B47D780E
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
Function Name: ZwWriteVirtualMemory
Address: B47D8142
Driver Base: B47BF000
Driver End: B487E000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS
******************************************************************************************
******************************************************************************************
Kernel Hooks:
Hooked Function: ZwCreateProcessEx
At Address: 805D11CA
Jump To: B48CCE04
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS
Hooked Function: ZwClose
At Address: 805BC58A
Jump To: B48C9C9A
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS
Hooked Function: PsCreateSystemThread
At Address: 805D11CA
Jump To: B48CCE04
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS
Hooked Function: ObMakeTemporaryObject
At Address: 805BC58A
Jump To: B48C9C9A
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS
Hooked Function: ObInsertObject
At Address: 805C300E
Jump To: B48CB7B4
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS
Hooked Function: ObCloseHandle
At Address: 805BC58A
Jump To: B48C9C9A
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS
******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Documents and Settings\Rosa\Application Data\Adobe\Flash Player\APSPrivateData2\0\drm-plug-win-x86\KckDveDsBuHdHi8TJUXQAFOpavQ=\SxQ9ILGlvY8_GGjQGsVelJ4fq9sg=\QTU4QzlBOTEtQkFEMS0zMDY2LTk5RjQtRDA2MzEwMDU3RTI0\OEJFNEE5OUEtRUI0NS0zNjUxLUFBOTMtOTdCMzE4QUU2Q
Status: Hidden
Object: C:\Documents and Settings\Rosa\Application Data\Adobe\Flash Player\APSPrivateData2\0\drm-plug-win-x86\KckDveDsBuHdHi8TJUXQAFOpavQ=\SxQ9ILGlvY8_GGjQGsVelJ4fq9sg=\ZDI4MzkyZGEtMTliNy00MmZiLTg3NmQtOTQzNDQwNTY0ZTMx\QTI0MjcwQjMtQzVFNi0zOEY3LUE5NkEtOTgyNjFEQzM5R
Status: Hidden
Object: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\History.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Music.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\SetPath.bat
Status: Access denied
Object: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\SysPath.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Access denied
Object: C:\Qoobox\BackEnv\VikPev00
Status: Access denied