SysProt AntiRootkit v1.0.1.0 by swatkat ****************************************************************************************** ****************************************************************************************** Process: Name: [System Idle Process] PID: 0 Hidden: No Window Visible: No Name: System PID: 4 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\smss.exe PID: 728 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\csrss.exe PID: 784 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\winlogon.exe PID: 816 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\services.exe PID: 860 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\lsass.exe PID: 872 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1032 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1092 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1192 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1376 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1508 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\spoolsv.exe PID: 1748 Hidden: No Window Visible: No Name: C:\WINDOWS\explorer.exe PID: 1940 Hidden: No Window Visible: No Name: C:\WINDOWS\SOUNDMAN.EXE PID: 240 Hidden: No Window Visible: No Name: C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe PID: 308 Hidden: No Window Visible: No Name: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PID: 320 Hidden: No Window Visible: No Name: C:\Program Files\WinFast\WFDTV\DTVSchdl.exe PID: 352 Hidden: No Window Visible: No Name: C:\Program Files\WinFast\WFDTV\WFWIZ.exe PID: 424 Hidden: No Window Visible: No Name: C:\Program Files\Bonjour\mDNSResponder.exe PID: 464 Hidden: No Window Visible: No Name: C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PID: 520 Hidden: No Window Visible: No Name: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PID: 564 Hidden: No Window Visible: No Name: C:\Program Files\Java\jre6\bin\jusched.exe PID: 1140 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\ctfmon.exe PID: 1260 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1248 Hidden: No Window Visible: No Name: C:\Program Files\Java\jre6\bin\jqs.exe PID: 1304 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1392 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1408 Hidden: No Window Visible: No Name: C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PID: 1700 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 252 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1960 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 920 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1136 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 1624 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\alg.exe PID: 2928 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\svchost.exe PID: 3696 Hidden: No Window Visible: No Name: C:\WINDOWS\system32\WISPTIS.EXE PID: 2872 Hidden: No Window Visible: No Name: C:\Documents and Settings\Bobcok\Pulpit\OTS.exe PID: 8760 Hidden: No Window Visible: No Name: C:\WINDOWS\NOTEPAD.EXE PID: 9068 Hidden: No Window Visible: Yes Name: C:\Program Files\Opera\opera.exe PID: 19736 Hidden: No Window Visible: Yes Name: C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\AcroRd32.exe PID: 18784 Hidden: No Window Visible: No Name: C:\Documents and Settings\Bobcok\Pulpit\SysProt\SysProt.exe PID: 20700 Hidden: No Window Visible: Yes ****************************************************************************************** ****************************************************************************************** Kernel Modules: Module Name: \??\C:\Documents and Settings\Bobcok\Pulpit\SysProt\SysProtDrv.sys Service Name: SysProtDrv.sys Module Base: B8CF0000 Module End: B8CFB000 Hidden: No Module Name: \WINDOWS\system32\ntkrnlpa.exe Service Name: --- Module Base: 804D7000 Module End: 806E2000 Hidden: No Module Name: \WINDOWS\system32\hal.dll Service Name: --- Module Base: 806E2000 Module End: 80702D00 Hidden: No Module Name: \WINDOWS\system32\KDCOM.DLL Service Name: --- Module Base: F7987000 Module End: F7989000 Hidden: No Module Name: \WINDOWS\system32\BOOTVID.dll Service Name: --- Module Base: F7897000 Module End: F789A000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\ACPI.sys Service Name: ACPI Module Base: F7357000 Module End: F7386000 Hidden: No Module Name: \WINDOWS\system32\DRIVERS\WMILIB.SYS Service Name: --- Module Base: F7989000 Module End: F798B000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\pci.sys Service Name: PCI Module Base: F7346000 Module End: F7357000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\isapnp.sys Service Name: isapnp Module Base: F7487000 Module End: F7490000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\pciide.sys Service Name: PCIIde Module Base: F7A4F000 Module End: F7A50000 Hidden: No Module Name: \WINDOWS\system32\DRIVERS\PCIIDEX.SYS Service Name: --- Module Base: F7707000 Module End: F770E000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\MountMgr.sys Service Name: MountMgr Module Base: F7497000 Module End: F74A2000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\ftdisk.sys Service Name: Disk Module Base: F7327000 Module End: F7346000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\dmload.sys Service Name: dmload Module Base: F798B000 Module End: F798D000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\dmio.sys Service Name: dmio Module Base: F7301000 Module End: F7327000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\PartMgr.sys Service Name: PartMgr Module Base: F770F000 Module End: F7714000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\VolSnap.sys Service Name: VolSnap Module Base: F74A7000 Module End: F74B4000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\atapi.sys Service Name: atapi Module Base: F72E9000 Module End: F7301000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\nvatabus.sys Service Name: nvatabus Module Base: F72CF000 Module End: F72E9000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\disk.sys Service Name: --- Module Base: F74B7000 Module End: F74C0000 Hidden: No Module Name: \WINDOWS\system32\DRIVERS\CLASSPNP.SYS Service Name: --- Module Base: F74C7000 Module End: F74D4000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\fltMgr.sys Service Name: FltMgr Module Base: F72AF000 Module End: F72CF000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\sr.sys Service Name: sr Module Base: F729D000 Module End: F72AF000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\PxHelp20.sys Service Name: PxHelp20 Module Base: F74D7000 Module End: F74E0000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\KSecDD.sys Service Name: KSecDD Module Base: F7286000 Module End: F729D000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\Ntfs.sys Service Name: Ntfs Module Base: F71F9000 Module End: F7286000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\NDIS.sys Service Name: NDIS Module Base: F71CC000 Module End: F71F9000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\Mup.sys Service Name: Mup Module Base: F71B2000 Module End: F71CC000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\processr.sys Service Name: Processor Module Base: F7507000 Module End: F7511000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys Service Name: nv Module Base: F6D9A000 Module End: F716A000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS Service Name: --- Module Base: F6D86000 Module End: F6D9A000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\serial.sys Service Name: Serial Module Base: F6D75000 Module End: F6D86000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\serenum.sys Service Name: serenum Module Base: F7927000 Module End: F792B000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\irsir.sys Service Name: irsir Module Base: F777F000 Module End: F7784000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\irenum.sys Service Name: IRENUM Module Base: F792B000 Module End: F792E000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\parport.sys Service Name: Parport Module Base: F6D61000 Module End: F6D75000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\i8042prt.sys Service Name: i8042prt Module Base: F7517000 Module End: F7525000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\mouclass.sys Service Name: Mouclass Module Base: F7797000 Module End: F779D000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\kbdclass.sys Service Name: Kbdclass Module Base: F77A7000 Module End: F77AE000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\usbohci.sys Service Name: usbohci Module Base: F77B7000 Module End: F77BC000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS Service Name: --- Module Base: F6D3D000 Module End: F6D61000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\usbehci.sys Service Name: usbehci Module Base: F77BF000 Module End: F77C7000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\imapi.sys Service Name: Imapi Module Base: F7527000 Module End: F7532000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\ElbyCDFL.sys Service Name: ElbyCDFL Module Base: F77CF000 Module End: F77D6000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\ElbyDelay.sys Service Name: ElbyDelay Module Base: F798F000 Module End: F7991000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\cdrom.sys Service Name: Cdrom Module Base: F7537000 Module End: F7544000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\redbook.sys Service Name: redbook Module Base: F7547000 Module End: F7556000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\ks.sys Service Name: --- Module Base: F6D1A000 Module End: F6D3D000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\cx88vid.sys Service Name: CX23880 Module Base: F6CF2000 Module End: F6D1A000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\STREAM.SYS Service Name: --- Module Base: F7557000 Module End: F7563000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\ALCXWDM.SYS Service Name: ALCXWDM Module Base: F6906000 Module End: F6CF2000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\portcls.sys Service Name: --- Module Base: F68E2000 Module End: F6906000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\drmk.sys Service Name: --- Module Base: F7567000 Module End: F7576000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\nvnetbus.sys Service Name: nvnetbus Module Base: F7957000 Module End: F795B000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\NVNRM.SYS Service Name: --- Module Base: F6897000 Module End: F68E2000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\NVSNPU.SYS Service Name: --- Module Base: F6860000 Module End: F6897000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\audstub.sys Service Name: audstub Module Base: F7B84000 Module End: F7B85000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\rasirda.sys Service Name: irda Module Base: F7807000 Module End: F780C000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\TDI.SYS Service Name: --- Module Base: F7817000 Module End: F781C000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys Service Name: Rasl2tp Module Base: F7577000 Module End: F7584000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\ndistapi.sys Service Name: NdisTapi Module Base: F7963000 Module End: F7966000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\ndiswan.sys Service Name: NdisWan Module Base: F6821000 Module End: F6838000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\raspppoe.sys Service Name: RasPppoe Module Base: F7587000 Module End: F7592000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\raspptp.sys Service Name: PptpMiniport Module Base: F7597000 Module End: F75A3000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\psched.sys Service Name: PSched Module Base: F6810000 Module End: F6821000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\msgpc.sys Service Name: Gpc Module Base: F75A7000 Module End: F75B0000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\ptilink.sys Service Name: Ptilink Module Base: F7837000 Module End: F783C000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\raspti.sys Service Name: Raspti Module Base: F7847000 Module End: F784C000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\rdpdr.sys Service Name: rdpdr Module Base: F67DF000 Module End: F6810000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\termdd.sys Service Name: TermDD Module Base: F75B7000 Module End: F75C1000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\VClone.sys Service Name: VClone Module Base: F7857000 Module End: F785E000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\SCSIPORT.SYS Service Name: --- Module Base: F67C7000 Module End: F67DF000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\swenum.sys Service Name: swenum Module Base: F7995000 Module End: F7997000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\update.sys Service Name: Update Module Base: F676E000 Module End: F67C7000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\mssmbios.sys Service Name: mssmbios Module Base: F7983000 Module End: F7987000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\NDProxy.SYS Service Name: NDProxy Module Base: F75C7000 Module End: F75D1000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\usbhub.sys Service Name: usbhub Module Base: F75E7000 Module End: F75F6000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\USBD.SYS Service Name: --- Module Base: F799B000 Module End: F799D000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\NVENETFD.sys Service Name: NVENETFD Module Base: F75F7000 Module End: F7600000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\cxavxbar.sys Service Name: CXAVXBAR Module Base: F683C000 Module End: F683F000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\CX88TUNE.sys Service Name: CXTUNE Module Base: F7627000 Module End: F7634000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS Service Name: Fs_Rec Module Base: F799F000 Module End: F79A1000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\Null.SYS Service Name: Null Module Base: F7AE6000 Module End: F7AE7000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\ehdrv.sys Service Name: ehdrv Module Base: F3063000 Module End: F3080000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\V0260Vid.sys Service Name: V0260VID Module Base: F303B000 Module End: F3063000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\V0260Cmd.sys Service Name: --- Module Base: F7767000 Module End: F776D000 Hidden: No Module Name: C:\WINDOWS\System32\drivers\vga.sys Service Name: VgaSave Module Base: F7787000 Module End: F778D000 Hidden: No Module Name: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Service Name: RDPCDD Module Base: F79A3000 Module End: F79A5000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\Msfs.SYS Service Name: Msfs Module Base: F779F000 Module End: F77A4000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\Npfs.SYS Service Name: Npfs Module Base: F77C7000 Module End: F77CF000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\rasacd.sys Service Name: RasAcd Module Base: F66B6000 Module End: F66B9000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\ipsec.sys Service Name: IPSec Module Base: F2FE0000 Module End: F2FF3000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\tcpip.sys Service Name: Tcpip Module Base: F2F87000 Module End: F2FE0000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\netbt.sys Service Name: NetBT Module Base: F2F5F000 Module End: F2F87000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\ipnat.sys Service Name: IpNat Module Base: F2F3E000 Module End: F2F5F000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\wanarp.sys Service Name: Wanarp Module Base: F7657000 Module End: F7660000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\epfwtdir.sys Service Name: epfwtdir Module Base: F2F25000 Module End: F2F3E000 Hidden: No Module Name: C:\WINDOWS\System32\drivers\afd.sys Service Name: AFD Module Base: F2F03000 Module End: F2F25000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\netbios.sys Service Name: NetBIOS Module Base: F7667000 Module End: F7670000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\rdbss.sys Service Name: Rdbss Module Base: F2ED8000 Module End: F2F03000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys Service Name: MRxSmb Module Base: F2E69000 Module End: F2ED8000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\Fips.SYS Service Name: Fips Module Base: F7677000 Module End: F7680000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\Cdfs.SYS Service Name: Cdfs Module Base: F76A7000 Module End: F76B7000 Hidden: No Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys Service Name: --- Module Base: F2D89000 Module End: F2DA1000 Hidden: Yes Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS Service Name: --- Module Base: F79AF000 Module End: F79B1000 Hidden: Yes Module Name: C:\WINDOWS\System32\drivers\Dxapi.sys Service Name: --- Module Base: F40E1000 Module End: F40E4000 Hidden: No Module Name: C:\WINDOWS\System32\watchdog.sys Service Name: --- Module Base: F781F000 Module End: F7824000 Hidden: No Module Name: C:\WINDOWS\System32\drivers\dxgthk.sys Service Name: --- Module Base: F7ACC000 Module End: F7ACD000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\eamon.sys Service Name: eamon Module Base: BAC2C000 Module End: BACE8000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\irda.sys Service Name: --- Module Base: BA326000 Module End: BA33C000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\ndisuio.sys Service Name: Ndisuio Module Base: BAD00000 Module End: BAD04000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\rspndr.sys Service Name: rspndr Module Base: BADB8000 Module End: BADC8000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\wdmaud.sys Service Name: wdmaud Module Base: B91A9000 Module End: B91BE000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\sysaudio.sys Service Name: sysaudio Module Base: F66DE000 Module End: F66ED000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\mrxdav.sys Service Name: MRxDAV Module Base: B8D28000 Module End: B8D55000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\ParVdm.SYS Service Name: ParVdm Module Base: F79A9000 Module End: F79AB000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\ElbyCDIO.sys Service Name: ElbyCDIO Module Base: B90B3000 Module End: B90B8000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\srv.sys Service Name: Srv Module Base: B732F000 Module End: B7381000 Hidden: No Module Name: C:\WINDOWS\System32\Drivers\HTTP.sys Service Name: HTTP Module Base: B5A7F000 Module End: B5AC0000 Hidden: No Module Name: \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS Service Name: WFIOCTL Module Base: B5F13000 Module End: B5F16000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\MSPQM.sys Service Name: MSPQM Module Base: F79E3000 Module End: F79E5000 Hidden: No Module Name: C:\WINDOWS\system32\drivers\kmixer.sys Service Name: kmixer Module Base: B27ED000 Module End: B2818000 Hidden: No Module Name: C:\WINDOWS\system32\DRIVERS\fdc.sys Service Name: Fdc Module Base: F776F000 Module End: F7776000 Hidden: No ****************************************************************************************** ****************************************************************************************** SSDT: Function Name: ZwAssignProcessToJobObject Address: 84CEA630 Driver Base: 0 Driver End: 0 Driver Name: _unknown_ Function Name: ZwOpenProcess Address: 84CE9A60 Driver Base: 0 Driver End: 0 Driver Name: _unknown_ Function Name: ZwOpenThread Address: 84CE9E80 Driver Base: 0 Driver End: 0 Driver Name: _unknown_ Function Name: ZwSuspendProcess Address: 84CEA460 Driver Base: 0 Driver End: 0 Driver Name: _unknown_ Function Name: ZwSuspendThread Address: 84CEA280 Driver Base: 0 Driver End: 0 Driver Name: _unknown_ Function Name: ZwTerminateProcess Address: 84CE9C90 Driver Base: 0 Driver End: 0 Driver Name: _unknown_ Function Name: ZwTerminateThread Address: 84CEA0B0 Driver Base: 0 Driver End: 0 Driver Name: _unknown_ ****************************************************************************************** ****************************************************************************************** No Kernel Hooks found ****************************************************************************************** ****************************************************************************************** No IRP Hooks found ****************************************************************************************** ****************************************************************************************** Ports: Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49875 Remote Address: 209.160.78.114:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49874 Remote Address: HEALTH.MOPH.GO.TH:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49871 Remote Address: MAIL.BYETCLUSTER.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49870 Remote Address: MAIL.AVANPAD.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49869 Remote Address: MX9.VALUEHOST.RU:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49868 Remote Address: 206-161-193-131.STATIC.PCCWGLOBAL.NET:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49867 Remote Address: MX9.VALUEHOST.RU:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49866 Remote Address: 77.221.159.154.ADDR.DATAPOINT.RU:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49865 Remote Address: MAIL.BYETCLUSTER.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49864 Remote Address: SMTP.WEINERLESNIAK.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49863 Remote Address: MX1.COLORLABS.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49862 Remote Address: 206-161-193-131.STATIC.PCCWGLOBAL.NET:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49861 Remote Address: HEALTH.MOPH.GO.TH:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49860 Remote Address: 206-161-193-131.STATIC.PCCWGLOBAL.NET:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49859 Remote Address: WWW.COPYMYDVD.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49858 Remote Address: WWW.COPYMYDVD.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49857 Remote Address: 77.221.159.154.ADDR.DATAPOINT.RU:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49856 Remote Address: 206-161-193-131.STATIC.PCCWGLOBAL.NET:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49855 Remote Address: MAIL.AVANPAD.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49854 Remote Address: 88.214.216.6:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49853 Remote Address: MX1.HQHOST.NET:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49852 Remote Address: 88.214.216.6:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49851 Remote Address: MAIL.BYETCLUSTER.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: SYN_SENT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49839 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49838 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49822 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49821 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49801 Remote Address: MAIL-IN.ROC2.BLUETIE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49798 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49797 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49780 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49778 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49767 Remote Address: CANUTE.VALHALLA.PL:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49758 Remote Address: MX4C35.CARRIERZONE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49756 Remote Address: 77.247.179.157:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49754 Remote Address: MAIL7.HSPHERE.CC:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49752 Remote Address: MX1.BNE.SERVER-MAIL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49751 Remote Address: 77.247.179.140:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49748 Remote Address: 77.247.179.169:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49744 Remote Address: 77.247.179.157:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49736 Remote Address: BW-IN-F100.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49734 Remote Address: BW-IN-F100.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49726 Remote Address: P3PLNPRE01-V01.EML.PHX3.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49720 Remote Address: P3PLNPRE01-V01.EML.PHX3.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49719 Remote Address: INBOUND.HOMESTEADMAIL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49700 Remote Address: CANUTE.VALHALLA.PL:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49688 Remote Address: WWW.COPYMYDVD.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49684 Remote Address: FF-DIA-MX-VIP1.PRODIGY.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49683 Remote Address: MIDSOUTHDRUGTESTING.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49674 Remote Address: INBOUND.MAIL.UTEXAS.EDU:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49670 Remote Address: AS33-108.OMANTEL.NET.OM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49668 Remote Address: MAIL.INETBANKER.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49667 Remote Address: 75-149-9-21-PENNSYLVANIA.HFC.COMCASTBUSINESS.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49662 Remote Address: SMTP.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49659 Remote Address: SMTP.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49655 Remote Address: MX.WEBANDNETWORKSOLUTIONS.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49650 Remote Address: MX1.NETCORE.CO.IN:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49630 Remote Address: SMTP1.MSP.SECURENCE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49626 Remote Address: IMSMX19.NETVIGATOR.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49625 Remote Address: INBOUND.REGISTEREDSITE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49604 Remote Address: P3PLNPRE01-V01.EML.PHX3.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49583 Remote Address: MX.SVC.TELUS.NET:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49580 Remote Address: P3PLNPRE01-V01.EML.PHX3.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49557 Remote Address: 77.247.179.157:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49527 Remote Address: 77.247.179.169:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49522 Remote Address: 77.247.179.169:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49520 Remote Address: 77.247.179.169:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49518 Remote Address: 77.247.179.152:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49505 Remote Address: 77.247.179.157:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49493 Remote Address: SERVERPOINT.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49487 Remote Address: SERVER8.WEB4A.DE:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49485 Remote Address: MAILSERVER.CIVIL-DESIGNS.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49478 Remote Address: MX3C25.CARRIERZONE.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49473 Remote Address: MXD3.ARUBA.IT:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49466 Remote Address: PWR3.SUPREMESPACE.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49463 Remote Address: AV1.DIGIWEB.NET.NZ:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49461 Remote Address: SITEMAIL.EVERYONE.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49459 Remote Address: MX.FRONTIERNET.NET:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49457 Remote Address: MAIL1.SHIPPINGLINE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49455 Remote Address: DUKES.WEBSERVERSYSTEMS.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49451 Remote Address: BW-IN-F100.GOOGLE.COM:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49447 Remote Address: JRM1.JBSERVERS.NET:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49444 Remote Address: MX2C35.CARRIERZONE.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49441 Remote Address: SPF5-4.US4.OUTBLAZE.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49439 Remote Address: MAIL.ATLASCOMM.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49438 Remote Address: IMSMX19.NETVIGATOR.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49435 Remote Address: EMAILSCAN.NCCOURTS.ORG:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49434 Remote Address: MAIL.CLEVERSAFE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49427 Remote Address: MAIL1.CLEANPORT.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49425 Remote Address: NB-MX-VIP3.PRODIGY.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49424 Remote Address: NB-MX-VIP3.PRODIGY.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49417 Remote Address: MX1.URL.COM.TW:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49413 Remote Address: REDIRECT.OVH.NET:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49412 Remote Address: MAIL213-171-216-1.LIVEMAIL.CO.UK:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49406 Remote Address: WOLVERINE.AVIANO.AF.MIL:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49405 Remote Address: MX1.MESSAGINGENGINE.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49403 Remote Address: NORESTA.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49399 Remote Address: MAIL-BW0-F47.GOOGLE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49394 Remote Address: MAIL-FX0-F64.GOOGLE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49386 Remote Address: MAILNTSRV.LADPC.CO.IL:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49381 Remote Address: MAIL.NETWORKSOLUTIONSEMAIL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49377 Remote Address: MXS.MAIL.RU:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49376 Remote Address: MAIL.HVI.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49374 Remote Address: MAIL2.WAGGENEREDSTROM.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49370 Remote Address: MX.SVC.TELUS.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49359 Remote Address: NEMO.NIACC.EDU:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49357 Remote Address: SITEMAIL2.EVERYONE.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49354 Remote Address: MAIL.CCOP.ORG:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49348 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49346 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49342 Remote Address: CANUTE.VALHALLA.PL:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49333 Remote Address: MAIL.GLOBAL.FRONTBRIDGE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49329 Remote Address: MAIL-IN.FREESERVE.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49324 Remote Address: P3PLNPRE01-V01.EML.PHX3.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49314 Remote Address: 193.252.22.185:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49307 Remote Address: INBOUND.REGISTEREDSITE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49303 Remote Address: MAIL-IN.FREESERVE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49293 Remote Address: MAIL-IN.FREESERVE.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49289 Remote Address: WWW.COPYMYDVD.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49282 Remote Address: F99-045.OPERA-MINI.NET:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49255 Remote Address: MX.FRONTIERNET.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49248 Remote Address: MX2C35.CARRIERZONE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49243 Remote Address: IMSMX19.NETVIGATOR.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49236 Remote Address: BW-IN-F100.GOOGLE.COM:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49229 Remote Address: NB-MX-VIP3.PRODIGY.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49228 Remote Address: NB-MX-VIP3.PRODIGY.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49214 Remote Address: BW-IN-F155.GOOGLE.COM:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49206 Remote Address: BW-IN-F155.GOOGLE.COM:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49202 Remote Address: BW-IN-F155.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49199 Remote Address: BW-IN-F155.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49187 Remote Address: MX.SVC.TELUS.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49178 Remote Address: 77.247.179.157:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49175 Remote Address: MXL144V3.MXLOGIC.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49164 Remote Address: SCAN11.LITH.DLS.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49163 Remote Address: BW-IN-F100.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49158 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49157 Remote Address: MB.MX.AOL.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49155 Remote Address: 217.153.56.86:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49150 Remote Address: 217.153.56.86:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49148 Remote Address: 217.153.56.86:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49129 Remote Address: BW-IN-F100.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49127 Remote Address: 77.247.179.169:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49124 Remote Address: 77.247.179.169:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49122 Remote Address: 77.247.179.169:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49121 Remote Address: 77.247.179.169:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49118 Remote Address: 77.247.179.169:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49115 Remote Address: 77.247.179.152:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49110 Remote Address: FLTR-IN2.MAIL.DREAMHOST.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49107 Remote Address: MAIL.GLOBAL.FRONTBRIDGE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49102 Remote Address: MAIL.GUILDERLANDSCHOOLS.ORG:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49094 Remote Address: 77.247.179.157:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49090 Remote Address: MXL144V2.MXLOGIC.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49086 Remote Address: MX04.REGISTER.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49084 Remote Address: 64.225.158.189:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49072 Remote Address: SITEMAIL.EVERYONE.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49069 Remote Address: OFFICE.MCDONALDTRANSIT.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49063 Remote Address: MX2.SERVERSHOST.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49050 Remote Address: SMTP.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49048 Remote Address: SMTP.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49045 Remote Address: RELAY1.FAST.NET.UK:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49037 Remote Address: SMTP.SECURESERVER.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49012 Remote Address: MX02.REGISTER.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49011 Remote Address: MX.FRONTIERNET.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:49006 Remote Address: MX2C35.CARRIERZONE.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48997 Remote Address: IMSMX19.NETVIGATOR.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48995 Remote Address: BW-IN-F155.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48985 Remote Address: BW-IN-F155.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48979 Remote Address: 93.188.130.65:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48966 Remote Address: MX1.OPTONLINE.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48956 Remote Address: NB-MX-VIP3.PRODIGY.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48953 Remote Address: NB-MX-VIP3.PRODIGY.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48908 Remote Address: MX.SVC.TELUS.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48887 Remote Address: SCC-MAILRELAY.ATT.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48884 Remote Address: F99-045.OPERA-MINI.NET:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48856 Remote Address: CANUTE.VALHALLA.PL:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48825 Remote Address: SMTP-IN.NUVOX.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48808 Remote Address: MAILGW2.WMFI.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48782 Remote Address: IMSMX19.NETVIGATOR.COM:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48734 Remote Address: SMTPIN.ISPMAIL.NTL.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48686 Remote Address: SCC-MAILRELAY.ATT.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48683 Remote Address: SCC-MAILRELAY.ATT.NET:SMTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48637 Remote Address: 217.153.56.87:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48621 Remote Address: 217.153.56.87:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48616 Remote Address: 208.88.176.118:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48577 Remote Address: BW-IN-F100.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48575 Remote Address: BW-IN-F100.GOOGLE.COM:HTTP Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48573 Remote Address: F99-045.OPERA-MINI.NET:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48571 Remote Address: F99-045.OPERA-MINI.NET:HTTP Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: FIN_WAIT1 Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:48468 Remote Address: MX8.VALUEHOST.RU:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:47227 Remote Address: MAIL.AVANPAD.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:34416 Remote Address: MX8.VALUEHOST.RU:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:15698 Remote Address: MX9.VALUEHOST.RU:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:1206 Remote Address: IP-212-117-164-9.SERVER.LU:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:1037 Remote Address: MAIL.AVANPAD.COM:SMTP Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: ESTABLISHED Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:NETBIOS-SSN Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: BOBCOK_GORA:49766 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: ESTABLISHED Local Address: BOBCOK_GORA:49755 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49750 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49747 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49743 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49735 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49733 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49699 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49556 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: FIN_WAIT2 Local Address: BOBCOK_GORA:49524 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: ESTABLISHED Local Address: BOBCOK_GORA:49521 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: ESTABLISHED Local Address: BOBCOK_GORA:49519 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: ESTABLISHED Local Address: BOBCOK_GORA:49517 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: ESTABLISHED Local Address: BOBCOK_GORA:49504 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: FIN_WAIT2 Local Address: BOBCOK_GORA:49450 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: FIN_WAIT2 Local Address: BOBCOK_GORA:49341 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49281 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: FIN_WAIT2 Local Address: BOBCOK_GORA:49235 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: FIN_WAIT2 Local Address: BOBCOK_GORA:49213 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: FIN_WAIT2 Local Address: BOBCOK_GORA:49205 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: FIN_WAIT2 Local Address: BOBCOK_GORA:49201 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49198 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49177 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49162 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49154 Remote Address: LOCALHOST:30606 Type: TCP Process: C:\Program Files\Opera\opera.exe State: FIN_WAIT2 Local Address: BOBCOK_GORA:49149 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49147 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49128 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49126 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49123 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49120 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49117 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49114 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49093 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:49083 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48994 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48984 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48978 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48883 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48855 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48639 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48636 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48620 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48615 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48576 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:48574 Remote Address: LOCALHOST:30606 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49766 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49745 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49731 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49729 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49587 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49556 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49538 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49535 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49533 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49531 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49525 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49524 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49521 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49519 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49517 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: ESTABLISHED Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49511 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49504 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49450 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49283 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49281 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49238 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49235 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49213 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49205 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49159 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49154 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49145 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49143 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49141 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49139 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49135 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49133 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49105 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49073 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49067 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49053 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49046 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:49000 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48987 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48982 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48974 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48972 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48969 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48959 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48957 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48947 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48901 Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48572 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: LOCALHOST:48570 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: CLOSE_WAIT Local Address: BOBCOK_GORA:30606 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe State: LISTENING Local Address: BOBCOK_GORA:5354 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: LISTENING Local Address: BOBCOK_GORA:5152 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\Java\jre6\bin\jqs.exe State: LISTENING Local Address: BOBCOK_GORA:1081 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\WINDOWS\system32\alg.exe State: LISTENING Local Address: BOBCOK_GORA:MICROSOFT-DS Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: BOBCOK_GORA:EPMAP Remote Address: 0.0.0.0:0 Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: LISTENING Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:5353 Remote Address: NA Type: UDP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: NA Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:1900 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:138 Remote Address: NA Type: UDP Process: System State: NA Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:NETBIOS-NS Remote Address: NA Type: UDP Process: System State: NA Local Address: BOBCOK_GORA.DOMAIN_NOT_SET.INVALID:123 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA Local Address: BOBCOK_GORA:1900 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA Local Address: BOBCOK_GORA:123 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA Local Address: BOBCOK_GORA:4500 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\lsass.exe State: NA Local Address: BOBCOK_GORA:1464 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA Local Address: BOBCOK_GORA:1461 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA Local Address: BOBCOK_GORA:1460 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA Local Address: BOBCOK_GORA:1029 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA Local Address: BOBCOK_GORA:1025 Remote Address: NA Type: UDP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: NA Local Address: BOBCOK_GORA:500 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\lsass.exe State: NA Local Address: BOBCOK_GORA:MICROSOFT-DS Remote Address: NA Type: UDP Process: System State: NA ****************************************************************************************** ****************************************************************************************** Hidden files/folders: Object: I:\System Volume Information\MountPointManagerRemoteDatabase Status: Access denied Object: I:\System Volume Information\tracking.log Status: Access denied Object: I:\System Volume Information\_restore{110B53E1-FDCA-4AAA-889B-54E5972F6466} Status: Access denied Object: I:\System Volume Information\_restore{148C0C40-A775-43F8-A101-89DF014A6726} Status: Access denied Object: I:\System Volume Information\_restore{2BAF03B0-880D-4045-8376-A79E987BAAF1} Status: Access denied Object: I:\System Volume Information\_restore{38F64833-46D9-40F8-A37F-1BB4CC1E70A5} Status: Access denied Object: I:\System Volume Information\_restore{6A611BCA-806A-4D6D-8DB7-A6868D79C749} Status: Access denied Object: I:\System Volume Information\_restore{7A643536-3819-4A1F-BF35-41A897453C4E} Status: Access denied Object: I:\System Volume Information\_restore{7AAEEA87-F24A-40EF-AD74-D017A7BA3DDB} Status: Access denied Object: I:\System Volume Information\_restore{80FC3124-D62A-446B-983C-4072A3D459C5} Status: Access denied Object: I:\System Volume Information\_restore{8134AF53-B976-4C67-9355-0B5233F9A6A9} Status: Access denied Object: I:\System Volume Information\_restore{816B79F6-6FD2-41E8-839F-9C4DDA79022A} Status: Access denied Object: I:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7} Status: Access denied Object: I:\System Volume Information\_restore{A91339ED-AD49-40D9-9F25-C85BEE5654DC} Status: Access denied Object: I:\System Volume Information\_restore{AC558522-BCD6-4004-9BAA-C375A93E78F2} Status: Access denied Object: I:\System Volume Information\_restore{AC69F0BD-30FB-4DFE-8975-52D270937156} Status: Access denied Object: I:\System Volume Information\_restore{B44D066E-60D8-4962-A3AC-F0559B315443} Status: Access denied Object: I:\System Volume Information\_restore{B66C2B04-8AA2-496F-98EC-626D37D45739} Status: Access denied Object: I:\System Volume Information\_restore{C42B5214-BB60-4853-B858-7233C489A2AA} Status: Access denied Object: I:\System Volume Information\_restore{C50641CF-652D-4AC7-8166-9A225107E143} Status: Access denied Object: I:\System Volume Information\_restore{D2F43E48-55F8-4A5B-81A8-C8C8FCA4A241} Status: Access denied Object: I:\System Volume Information\_restore{DC9A15CF-3DDD-4ED5-BB06-78562731E267} Status: Access denied Object: G:\System Volume Information\MountPointManagerRemoteDatabase Status: Access denied Object: G:\System Volume Information\tracking.log Status: Access denied Object: G:\System Volume Information\_restore{80FC3124-D62A-446B-983C-4072A3D459C5} Status: Access denied Object: G:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7} Status: Access denied Object: E:\Moje dokumenty\Muzyka\Pleymo\Pleymo\2005 - Ce Soir, C'est Grand Soir\09 - Tout Le Monde Se Leve.ogg Status: Hidden Object: E:\System Volume Information\MountPointManagerRemoteDatabase Status: Access denied Object: E:\System Volume Information\tracking.log Status: Access denied Object: E:\System Volume Information\_restore{7A643536-3819-4A1F-BF35-41A897453C4E} Status: Access denied Object: E:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7} Status: Access denied Object: E:\System Volume Information\_restore{D24AB31B-677D-4D7F-BAE8-B95BDD15E29B} Status: Access denied Object: E:\System Volume Information\_restore{E4450800-7027-4DCB-A098-AC9CA919D339} Status: Access denied Object: D:\System Volume Information\MountPointManagerRemoteDatabase Status: Access denied Object: D:\System Volume Information\tracking.log Status: Access denied Object: D:\System Volume Information\_restore{7A643536-3819-4A1F-BF35-41A897453C4E} Status: Access denied Object: D:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7} Status: Access denied Object: D:\System Volume Information\_restore{D24AB31B-677D-4D7F-BAE8-B95BDD15E29B} Status: Access denied Object: D:\System Volume Information\_restore{E4450800-7027-4DCB-A098-AC9CA919D339} Status: Access denied Object: C:\System Volume Information\MountPointManagerRemoteDatabase Status: Access denied Object: C:\System Volume Information\tracking.log Status: Access denied Object: C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7} Status: Access denied