SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************
Process:
Name: [System Idle Process] PID: 0 Hidden: No Window Visible: No
Name: System PID: 4 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\smss.exe PID: 652 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\csrss.exe PID: 716 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\winlogon.exe PID: 740 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\services.exe PID: 784 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\lsass.exe PID: 796 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 948 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 1024 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 1064 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 1140 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 1276 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\spoolsv.exe PID: 1488 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 1572 Hidden: No Window Visible: No
Name: C:\Program\AVG\AVG8\avgwdsvc.exe PID: 256 Hidden: No Window Visible: No
Name: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvDatabase.exe PID: 336 Hidden: No Window Visible: No
Name: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvDispatcher.exe PID: 352 Hidden: No Window Visible: No
Name: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvDeviceManager.exe PID: 424 Hidden: No Window Visible: No
Name: C:\Program\Java\jre6\bin\jqs.exe PID: 512 Hidden: No Window Visible: No
Name: C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\mdm.exe PID: 536 Hidden: No Window Visible: No
Name: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvSLP.exe PID: 1012 Hidden: No Window Visible: No
Name: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvSNMP.exe PID: 1128 Hidden: No Window Visible: No
Name: C:\Program\AVG\AVG8\avgrsx.exe PID: 1196 Hidden: No Window Visible: No
Name: C:\Program\AVG\AVG8\avgnsx.exe PID: 1236 Hidden: No Window Visible: No
Name: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTWebServer.exe PID: 1356 Hidden: No Window Visible: No
Name: C:\Program\AVG\AVG8\avgcsrvx.exe PID: 1388 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\alg.exe PID: 1928 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\WgaTray.exe PID: 1760 Hidden: No Window Visible: No
Name: C:\WINDOWS\explorer.exe PID: 1888 Hidden: No Window Visible: No
Name: C:\WINDOWS\RTHDCPL.EXE PID: 2264 Hidden: No Window Visible: No
Name: C:\Program\Synaptics\SynTP\SynTPEnh.exe PID: 2288 Hidden: No Window Visible: No
Name: C:\Program\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe PID: 2296 Hidden: No Window Visible: No
Name: C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe PID: 2340 Hidden: No Window Visible: No
Name: C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe PID: 2364 Hidden: No Window Visible: No
Name: C:\Program\AVG\AVG8\avgtray.exe PID: 2376 Hidden: No Window Visible: No
Name: C:\Program\Java\jre6\bin\jusched.exe PID: 2396 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\ctfmon.exe PID: 2416 Hidden: No Window Visible: No
Name: C:\Program\Picasa2\PicasaMediaDetector.exe PID: 2448 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 2520 Hidden: No Window Visible: No
Name: C:\Program\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe PID: 2628 Hidden: No Window Visible: No
Name: C:\Program\FSC\Wireless Utility\WirelessSelector.exe PID: 2688 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 2500 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\sys32_nov.exe PID: 3864 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 2176 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 2668 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\braviax.exe PID: 3044 Hidden: No Window Visible: No
Name: C:\WINDOWS\system32\svchost.exe PID: 2428 Hidden: No Window Visible: No
Name: C:\WINDOWS\notepad.exe PID: 3992 Hidden: No Window Visible: Yes
Name: C:\Documents and Settings\Per K\Skrivbord\SysProt\SysProt.exe PID: 4012 Hidden: No Window Visible: Yes

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \??\C:\Documents and Settings\Per K\Skrivbord\SysProt\SysProtDrv.sys Service Name: SysProtDrv.sys Module Base: A7435000 Module End: A7440000 Hidden: No
Module Name: \WINDOWS\system32\ntkrnlpa.exe Service Name: --- Module Base: 804D7000 Module End: 806CF980 Hidden: No
Module Name: \WINDOWS\system32\hal.dll Service Name: --- Module Base: 806D0000 Module End: 806F0300 Hidden: No
Module Name: \WINDOWS\system32\KDCOM.DLL Service Name: --- Module Base: F7A87000 Module End: F7A89000 Hidden: No
Module Name: \WINDOWS\system32\BOOTVID.dll Service Name: --- Module Base: F7997000 Module End: F799A000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\ACPI.sys Service Name: ACPI Module Base: F7458000 Module End: F7486000 Hidden: No
Module Name: \WINDOWS\system32\DRIVERS\WMILIB.SYS Service Name: --- Module Base: F7A89000 Module End: F7A8B000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\pci.sys Service Name: PCI Module Base: F7447000 Module End: F7458000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\isapnp.sys Service Name: isapnp Module Base: F7587000 Module End: F7591000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\compbatt.sys Service Name: Compbatt Module Base: F799B000 Module End: F799E000 Hidden: No
Module Name: \WINDOWS\system32\DRIVERS\BATTC.SYS Service Name: BattC Module Base: F799F000 Module End: F79A3000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\pciide.sys Service Name: PCIIde Module Base: F7B4F000 Module End: F7B50000 Hidden: No
Module Name: \WINDOWS\system32\DRIVERS\PCIIDEX.SYS Service Name: --- Module Base: F7807000 Module End: F780E000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\pcmcia.sys Service Name: Pcmcia Module Base: F7429000 Module End: F7447000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\MountMgr.sys Service Name: MountMgr Module Base: F7597000 Module End: F75A2000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\ftdisk.sys Service Name: Disk Module Base: F740A000 Module End: F7429000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\dmio.sys Service Name: dmio Module Base: F73E4000 Module End: F740A000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\ACPIEC.sys Service Name: ACPIEC Module Base: F79A3000 Module End: F79A6000 Hidden: No
Module Name: \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS Service Name: --- Module Base: F7B50000 Module End: F7B51000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\PartMgr.sys Service Name: PartMgr Module Base: F780F000 Module End: F7814000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\VolSnap.sys Service Name: VolSnap Module Base: F75A7000 Module End: F75B4000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\atapi.sys Service Name: atapi Module Base: F73CC000 Module End: F73E4000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\disk.sys Service Name: --- Module Base: F75B7000 Module End: F75C0000 Hidden: No
Module Name: \WINDOWS\system32\DRIVERS\CLASSPNP.SYS Service Name: --- Module Base: F75C7000 Module End: F75D4000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\fltmgr.sys Service Name: FltMgr Module Base: F73AC000 Module End: F73CC000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\sr.sys Service Name: sr Module Base: F739A000 Module End: F73AC000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\PxHelp20.sys Service Name: PxHelp20 Module Base: F75D7000 Module End: F75E0000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\KSecDD.sys Service Name: KSecDD Module Base: F7383000 Module End: F739A000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\Ntfs.sys Service Name: Ntfs Module Base: F72F6000 Module End: F7383000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\NDIS.sys Service Name: NDIS Module Base: F72C9000 Module End: F72F6000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\uagp35.sys Service Name: uagp35 Module Base: F75E7000 Module End: F75F2000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\Mup.sys Service Name: Mup Module Base: F72AF000 Module End: F72C9000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\intelppm.sys Service Name: intelppm Module Base: F7777000 Module End: F7781000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\CmBatt.sys Service Name: CmBatt Module Base: F7A3F000 Module End: F7A43000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\sisgrp.sys Service Name: SiS315 Module Base: F7203000 Module End: F7256000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS Service Name: --- Module Base: F71EF000 Module End: F7203000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\i8042prt.sys Service Name: i8042prt Module Base: F7787000 Module End: F7794000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\SynTP.sys Service Name: SynTP Module Base: F71BC000 Module End: F71EF000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\USBD.SYS Service Name: --- Module Base: F7AA5000 Module End: F7AA7000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\mouclass.sys Service Name: Mouclass Module Base: F78B7000 Module End: F78BD000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\kbdclass.sys Service Name: Kbdclass Module Base: F78BF000 Module End: F78C6000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\imapi.sys Service Name: Imapi Module Base: F7797000 Module End: F77A2000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\cdrom.sys Service Name: Cdrom Module Base: F77A7000 Module End: F77B7000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\redbook.sys Service Name: redbook Module Base: F77B7000 Module End: F77C6000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\ks.sys Service Name: --- Module Base: F7199000 Module End: F71BC000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\usbohci.sys Service Name: usbohci Module Base: F78C7000 Module End: F78CC000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS Service Name: --- Module Base: F7175000 Module End: F7199000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\usbehci.sys Service Name: usbehci Module Base: F78CF000 Module End: F78D7000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys Service Name: HDAudBus Module Base: F70C7000 Module End: F70EF000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\audstub.sys Service Name: audstub Module Base: F7BB5000 Module End: F7BB6000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys Service Name: Rasl2tp Module Base: F77D7000 Module End: F77E4000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\ndistapi.sys Service Name: NdisTapi Module Base: F7A47000 Module End: F7A4A000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\ndiswan.sys Service Name: NdisWan Module Base: F70B0000 Module End: F70C7000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\raspppoe.sys Service Name: RasPppoe Module Base: F77E7000 Module End: F77F2000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\raspptp.sys Service Name: PptpMiniport Module Base: F77F7000 Module End: F7803000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\TDI.SYS Service Name: --- Module Base: F78D7000 Module End: F78DC000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\psched.sys Service Name: PSched Module Base: F709F000 Module End: F70B0000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\msgpc.sys Service Name: Gpc Module Base: F7607000 Module End: F7610000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\ptilink.sys Service Name: Ptilink Module Base: F78DF000 Module End: F78E4000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\raspti.sys Service Name: Raspti Module Base: F78E7000 Module End: F78EC000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\rdpdr.sys Service Name: rdpdr Module Base: F7047000 Module End: F7077000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\termdd.sys Service Name: TermDD Module Base: F7617000 Module End: F7621000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\swenum.sys Service Name: swenum Module Base: F7AA7000 Module End: F7AA9000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\update.sys Service Name: Update Module Base: F6FE9000 Module End: F7047000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\mssmbios.sys Service Name: mssmbios Module Base: F7A63000 Module End: F7A67000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\RtkHDAud.sys Service Name: IntcAzAudAddService Module Base: F6B1C000 Module End: F6FA4000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\portcls.sys Service Name: --- Module Base: F6AF8000 Module End: F6B1C000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\drmk.sys Service Name: --- Module Base: F7627000 Module End: F7636000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\NDProxy.SYS Service Name: NDProxy Module Base: F7637000 Module End: F7641000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\usbhub.sys Service Name: usbhub Module Base: F7667000 Module End: F7676000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\i2omgmt.SYS Service Name: i2omgmt Module Base: F7A2B000 Module End: F7A2E000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\Beep.SYS Service Name: Beep Module Base: F7AAF000 Module End: F7AB1000 Hidden: No
Module Name: C:\WINDOWS\System32\drivers\vga.sys Service Name: VgaSave Module Base: F790F000 Module End: F7915000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\mnmdd.SYS Service Name: mnmdd Module Base: F7AB1000 Module End: F7AB3000 Hidden: No
Module Name: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Service Name: RDPCDD Module Base: F7AB3000 Module End: F7AB5000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\Npfs.SYS Service Name: Npfs Module Base: F791F000 Module End: F7927000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\rasacd.sys Service Name: RasAcd Module Base: F7A2F000 Module End: F7A32000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\ipsec.sys Service Name: IPSec Module Base: A8F85000 Module End: A8F98000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\tcpip.sys Service Name: Tcpip Module Base: A8F2C000 Module End: A8F85000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\avgtdix.sys Service Name: AvgTdiX Module Base: A8F13000 Module End: A8F2C000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\netbt.sys Service Name: NetBT Module Base: A8EEB000 Module End: A8F13000 Hidden: No
Module Name: C:\WINDOWS\System32\drivers\afd.sys Service Name: AFD Module Base: A8EC9000 Module End: A8EEB000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\netbios.sys Service Name: NetBIOS Module Base: F7687000 Module End: F7690000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\srvkp.sys Service Name: SiSkp Module Base: F7927000 Module End: F792C000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\rdbss.sys Service Name: Rdbss Module Base: A8E9E000 Module End: A8EC9000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys Service Name: MRxSmb Module Base: A8E2E000 Module End: A8E9E000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\Fips.SYS Service Name: Fips Module Base: F76A7000 Module End: F76B2000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\ipnat.sys Service Name: IpNat Module Base: A8178000 Module End: A819E000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\hidusb.sys Service Name: HidUsb Module Base: F7093000 Module End: F7096000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS Service Name: --- Module Base: F76B7000 Module End: F76C0000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS Service Name: --- Module Base: F792F000 Module End: F7936000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\mouhid.sys Service Name: mouhid Module Base: F708F000 Module End: F7092000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\avgmfx86.sys Service Name: AvgMfx86 Module Base: F7937000 Module End: F793D000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\avgldx86.sys Service Name: AvgLdx86 Module Base: A80FF000 Module End: A8150000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\wanarp.sys Service Name: Wanarp Module Base: F76C7000 Module End: F76D0000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\Cdfs.SYS Service Name: Cdfs Module Base: F7707000 Module End: F7717000 Hidden: No
Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys Service Name: --- Module Base: A80E7000 Module End: A80FF000 Hidden: Yes
Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS Service Name: --- Module Base: F7AC9000 Module End: F7ACB000 Hidden: Yes
Module Name: C:\WINDOWS\System32\drivers\Dxapi.sys Service Name: --- Module Base: A8FD0000 Module End: A8FD3000 Hidden: No
Module Name: C:\WINDOWS\System32\watchdog.sys Service Name: --- Module Base: F7977000 Module End: F797C000 Hidden: No
Module Name: C:\WINDOWS\System32\drivers\dxgthk.sys Service Name: --- Module Base: F7C4C000 Module End: F7C4D000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys Service Name: NwlnkIpx Module Base: A7EA1000 Module End: A7EB7000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\nwlnknb.sys Service Name: NwlnkNb Module Base: A807F000 Module End: A808F000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\ndisuio.sys Service Name: Ndisuio Module Base: A7F2F000 Module End: A7F33000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\nwrdr.sys Service Name: NWRDR Module Base: A7D39000 Module End: A7D61000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\mrxdav.sys Service Name: MRxDAV Module Base: A7D0C000 Module End: A7D39000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys Service Name: NwlnkSpx Module Base: A806F000 Module End: A807D000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\srv.sys Service Name: Srv Module Base: A7BA2000 Module End: A7BF4000 Hidden: No
Module Name: \??\C:\WINDOWS\system32\drivers\zntport.sys Service Name: zntport Module Base: F7BB2000 Module End: F7BB3000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\wdmaud.sys Service Name: wdmaud Module Base: A781D000 Module End: A7832000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\sysaudio.sys Service Name: sysaudio Module Base: A7942000 Module End: A7951000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\HTTP.sys Service Name: HTTP Module Base: A71EC000 Module End: A722D000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\kmixer.sys Service Name: kmixer Module Base: A6FB6000 Module End: A6FE1000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\Fastfat.SYS Service Name: Fastfat Module Base: A6F70000 Module End: A6F94000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\asyncmac.sys Service Name: AsyncMac Module Base: F7083000 Module End: F7087000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys Service Name: SiSGbeXP Module Base: A6F60000 Module End: A6F6B000 Hidden: No
Module Name: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS Service Name: USBSTOR Module Base: F78A7000 Module End: F78AE000 Hidden: No
Module Name: C:\WINDOWS\system32\drivers\dmload.sys Service Name: dmload Module Base: F7A8B000 Module End: F7A8D000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\Null.SYS Service Name: Null Module Base: F7C90000 Module End: F7C91000 Hidden: No
Module Name: C:\WINDOWS\System32\Drivers\Msfs.SYS Service Name: Msfs Module Base: F7917000 Module End: F791C000 Hidden: No

******************************************************************************************
******************************************************************************************
No SSDT Hooks found

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
No IRP Hooks found

******************************************************************************************
******************************************************************************************
Ports:
Local Address: PER:18080 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\AVG\AVG8\avgnsx.exe State: LISTENING
Local Address: PER:13128 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\AVG\AVG8\avgnsx.exe State: LISTENING
Local Address: PER:10080 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\AVG\AVG8\avgnsx.exe State: LISTENING
Local Address: PER:5152 Remote Address: LOCALHOST:1089 Type: TCP Process: C:\Program\Java\jre6\bin\jqs.exe State: CLOSE_WAIT
Local Address: PER:5152 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\Java\jre6\bin\jqs.exe State: LISTENING
Local Address: PER:1038 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\WINDOWS\system32\alg.exe State: LISTENING
Local Address: PER:8176 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvDatabase.exe State: LISTENING
Local Address: PER:8174 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvSNMP.exe State: LISTENING
Local Address: PER:8173 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvSLP.exe State: LISTENING
Local Address: PER:8172 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvDeviceManager.exe State: LISTENING
Local Address: PER:7450 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvDispatcher.exe State: LISTENING
Local Address: PER:MICROSOFT-DS Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING
Local Address: PER:EPMAP Remote Address: 0.0.0.0:0 Type: TCP Process: C:\WINDOWS\system32\svchost.exe State: LISTENING
Local Address: PER:90 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTWebServer.exe State: LISTENING
Local Address: PER:3083 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\braviax.exe State: NA
Local Address: PER:1900 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA
Local Address: PER:123 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\svchost.exe State: NA
Local Address: PER:4500 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\lsass.exe State: NA
Local Address: PER:1036 Remote Address: NA Type: UDP Process: C:\Program\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvSNMP.exe State: NA
Local Address: PER:500 Remote Address: NA Type: UDP Process: C:\WINDOWS\system32\lsass.exe State: NA
Local Address: PER:MICROSOFT-DS Remote Address: NA Type: UDP Process: System State: NA

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\System Volume Information\MountPointManagerRemoteDatabase Status: Access denied
Object: C:\System Volume Information\tracking.log Status: Access denied
Object: C:\System Volume Information\_restore{D699C464-D8A3-4A3C-A4CB-135547AD34A6} Status: Access denied