SysProt AntiRootkit v1.0.1.0 by swatkat
******************************************************************************************
******************************************************************************************
Process:
Name: [System Idle Process] PID: 0 Hidden: No Window Visible: No
Name: System PID: 4 Hidden: No Window Visible: No
Name: C:\Windows\System32\smss.exe PID: 452 Hidden: No Window Visible: No
Name: C:\Windows\System32\csrss.exe PID: 520 Hidden: No Window Visible: No
Name: C:\Windows\System32\wininit.exe PID: 572 Hidden: No Window Visible: No
Name: C:\Windows\System32\csrss.exe PID: 580 Hidden: No Window Visible: No
Name: C:\Windows\System32\services.exe PID: 616 Hidden: No Window Visible: No
Name: C:\Windows\System32\lsass.exe PID: 632 Hidden: No Window Visible: No
Name: C:\Windows\System32\lsm.exe PID: 644 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 804 Hidden: No Window Visible: No
Name: C:\Windows\System32\winlogon.exe PID: 880 Hidden: No Window Visible: No
Name: C:\Windows\System32\nvvsvc.exe PID: 936 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 984 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 1028 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 1160 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 1212 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 1260 Hidden: No Window Visible: No
Name: C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2311653e\stacsv.exe PID: 1316 Hidden: No Window Visible: No
Name: C:\Windows\System32\audiodg.exe PID: 1344 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 1420 Hidden: No Window Visible: No
Name: C:\Windows\System32\SLsvc.exe PID: 1472 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 1516 Hidden: No Window Visible: No
Name: C:\Windows\System32\rundll32.exe PID: 1556 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 1708 Hidden: No Window Visible: No
Name: C:\Windows\System32\wlanext.exe PID: 1856 Hidden: No Window Visible: No
Name: C:\Windows\System32\spoolsv.exe PID: 1924 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 2028 Hidden: No Window Visible: No
Name: C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2311653e\AEstSrv.exe PID: 1112 Hidden: No Window Visible: No
Name: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PID: 1464 Hidden: No Window Visible: No
Name: C:\Program Files\Bonjour\mDNSResponder.exe PID: 1568 Hidden: No Window Visible: No
Name: C:\Program Files\Intel\WiFi\bin\EvtEng.exe PID: 696 Hidden: No Window Visible: No
Name: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PID: 2132 Hidden: No Window Visible: No
Name: C:\Program Files\MozyHome\mozybackup.exe PID: 2228 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 2272 Hidden: No Window Visible: No
Name: C:\Program Files\MozyHome\mozybackup.exe PID: 2308 Hidden: No Window Visible: No
Name: C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PID: 2360 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 2436 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 2500 Hidden: No Window Visible: No
Name: C:\Windows\System32\SearchIndexer.exe PID: 2568 Hidden: No Window Visible: No
Name: C:\Program Files\Dell\Ambient Light Sensor\AlsSvc.exe PID: 2604 Hidden: No Window Visible: No
Name: C:\Windows\System32\wbem\WmiPrvSE.exe PID: 2688 Hidden: No Window Visible: No
Name: C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe PID: 2980 Hidden: No Window Visible: No
Name: C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe PID: 3008 Hidden: No Window Visible: No
Name: C:\Windows\System32\taskeng.exe PID: 3212 Hidden: No Window Visible: No
Name: C:\Program Files\MozyHome\mozybackup.exe PID: 3576 Hidden: No Window Visible: No
Name: C:\Windows\System32\taskeng.exe PID: 3632 Hidden: No Window Visible: No
Name: C:\Windows\System32\dwm.exe PID: 3652 Hidden: No Window Visible: No
Name: C:\Program Files\Windows Defender\MSASCui.exe PID: 1296 Hidden: No Window Visible: No
Name: C:\Windows\System32\rundll32.exe PID: 2196 Hidden: No Window Visible: No
Name: C:\Windows\System32\rundll32.exe PID: 2260 Hidden: No Window Visible: No
Name: C:\Program Files\IDT\WDM\sttray.exe PID: 2324 Hidden: No Window Visible: No
Name: C:\Program Files\DellTPad\Apoint.exe PID: 1392 Hidden: No Window Visible: No
Name: C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe PID: 1816 Hidden: No Window Visible: No
Name: C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PID: 2480 Hidden: No Window Visible: No
Name: C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe PID: 2040 Hidden: No Window Visible: No
Name: C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe PID: 1548 Hidden: No Window Visible: No
Name: C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe PID: 3252 Hidden: No Window Visible: No
Name: C:\Windows\WindowsMobile\wmdc.exe PID: 1532 Hidden: No Window Visible: No
Name: C:\Program Files\Java\jre6\bin\jusched.exe PID: 3208 Hidden: No Window Visible: No
Name: C:\Program Files\DellTPad\ApMsgFwd.exe PID: 3068 Hidden: No Window Visible: No
Name: C:\Program Files\iTunes\iTunesHelper.exe PID: 2796 Hidden: No Window Visible: No
Name: C:\Program Files\Windows Sidebar\sidebar.exe PID: 1072 Hidden: No Window Visible: Yes
Name: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe PID: 1364 Hidden: No Window Visible: No
Name: C:\Program Files\Windows Media Player\wmpnscfg.exe PID: 2024 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\tgzaaf.exe PID: 1484 Hidden: No Window Visible: No
Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe PID: 1576 Hidden: No Window Visible: No
Name: C:\Program Files\DellTPad\hidfind.exe PID: 2524 Hidden: No Window Visible: No
Name: C:\Windows\explorer.exe PID: 3200 Hidden: No Window Visible: No
Name: C:\Program Files\DellTPad\ApntEx.exe PID: 3724 Hidden: No Window Visible: No
Name: C:\Windows\System32\svchost.exe PID: 4004 Hidden: No Window Visible: No
Name: C:\Program Files\Windows Sidebar\sidebar.exe PID: 3984 Hidden: No Window Visible: Yes
Name: C:\Windows\System32\mobsync.exe PID: 3932 Hidden: No Window Visible: No
Name: C:\Windows\System32\wbem\unsecapp.exe PID: 3552 Hidden: No Window Visible: No
Name: C:\Program Files\Windows Media Player\wmpnetwk.exe PID: 2328 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe PID: 4296 Hidden: No Window Visible: No
Name: C:\Program Files\iPod\bin\iPodService.exe PID: 4588 Hidden: No Window Visible: No
Name: C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe PID: 5008 Hidden: No Window Visible: No
Name: C:\Program Files\MozyHome\mozystat.exe PID: 5016 Hidden: No Window Visible: No
Name: C:\Program Files\MagicDisc\MagicDisc.exe PID: 5040 Hidden: No Window Visible: No
Name: C:\Program Files\Citrix\ICA Client\pnamain.exe PID: 5104 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe PID: 4924 Hidden: No Window Visible: No
Name: C:\Windows\System32\wuauclt.exe PID: 4292 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe PID: 4732 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe PID: 5160 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe PID: 4092 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe PID: 5964 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe PID: 5760 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe PID: 4448 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe PID: 4764 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe PID: 4100 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe PID: 3560 Hidden: No Window Visible: No
Name: C:\Program Files\DavidRM Software\The Journal 4\Journal4.exe PID: 3040 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe PID: 1608 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe PID: 6000 Hidden: No Window Visible: No
Name: C:\Users\jvpierce\Desktop\SysProt.exe PID: 5988 Hidden: No Window Visible: Yes
******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \systemroot\system32\drivers\gasfkyydvxprcp.sys Service Name: gasfkyeyyoqnmr Module Base: --- Module End: --- Hidden: Yes
Module Name: \??\C:\Users\jvpierce\Desktop\SysProtDrv.sys Service Name: SysProtDrv.sys Module Base: A7115000 Module End: A7120000 Hidden: No
Module Name: C:\Windows\system32\ntkrnlpa.exe Service Name: --- Module Base: 82047000 Module End: 82400000 Hidden: No
Module Name: C:\Windows\system32\hal.dll Service Name: --- Module Base: 82014000 Module End: 82047000 Hidden: No
Module Name: C:\Windows\system32\kdcom.dll Service Name: --- Module Base: 8040E000 Module End: 80416000 Hidden: No
Module Name: C:\Windows\system32\mcupdate_GenuineIntel.dll Service Name: --- Module Base: 80416000 Module End: 80476000 Hidden: No
Module Name: C:\Windows\system32\PSHED.dll Service Name: --- Module Base: 80476000 Module End: 80487000 Hidden: No
Module Name: C:\Windows\system32\BOOTVID.dll Service Name: --- Module Base: 80487000 Module End: 8048F000 Hidden: No
Module Name: C:\Windows\system32\CLFS.SYS Service Name: CLFS Module Base: 8048F000 Module End: 804D0000 Hidden: No
Module Name: C:\Windows\system32\CI.dll Service Name: --- Module Base: 804D0000 Module End: 805B0000 Hidden: No
Module Name: C:\Windows\system32\drivers\Wdf01000.sys Service Name: Wdf01000 Module Base: 80601000 Module End: 8067D000 Hidden: No
Module Name: C:\Windows\system32\drivers\WDFLDR.SYS Service Name: --- Module Base: 8067D000 Module End: 8068A000 Hidden: No
Module Name: C:\Windows\system32\drivers\acpi.sys Service Name: ACPI Module Base: 8068A000 Module End: 806D0000 Hidden: No
Module Name: C:\Windows\system32\drivers\WMILIB.SYS Service Name: --- Module Base: 806D0000 Module End: 806D9000 Hidden: No
Module Name: C:\Windows\system32\drivers\msisadrv.sys Service Name: msisadrv Module Base: 806D9000 Module End: 806E1000 Hidden: No
Module Name: C:\Windows\system32\drivers\pci.sys Service Name: pci Module Base: 806E1000 Module End: 80708000 Hidden: No
Module Name: C:\Windows\System32\drivers\partmgr.sys Service Name: partmgr Module Base: 80708000 Module End: 80717000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\compbatt.sys Service Name: Compbatt Module Base: 80717000 Module End: 8071A000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\BATTC.SYS Service Name: BattC Module Base: 8071A000 Module End: 80724000 Hidden: No
Module Name: C:\Windows\system32\drivers\volmgr.sys Service Name: volmgr Module Base: 80724000 Module End: 80733000 Hidden: No
Module Name: C:\Windows\System32\drivers\volmgrx.sys Service Name: volmgrx Module Base: 80733000 Module End: 8077D000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\pcmcia.sys Service Name: pcmcia Module Base: 8077D000 Module End: 807AA000 Hidden: No
Module Name: C:\Windows\System32\drivers\mountmgr.sys Service Name: MountMgr Module Base: 807AA000 Module End: 807BA000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\iaStor.sys Service Name: iaStor Module Base: 82603000 Module End: 826D3000 Hidden: No
Module Name: C:\Windows\system32\drivers\iastorv.sys Service Name: iaStorV Module Base: 826D3000 Module End: 82774000 Hidden: No
Module Name: C:\Windows\system32\drivers\fltmgr.sys Service Name: FltMgr Module Base: 82774000 Module End: 827A6000 Hidden: No
Module Name: C:\Windows\system32\drivers\fileinfo.sys Service Name: FileInfo Module Base: 827A6000 Module End: 827B6000 Hidden: No
Module Name: C:\Windows\system32\drivers\NIS\1100000.088\SYMEFA.SYS Service Name: SymEFA Module Base: 827B6000 Module End: 827E2000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLACDBHM.SYS Service Name: DLACDBHM Module Base: 827E2000 Module End: 827E4000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DRVMCDB.SYS Service Name: DRVMCDB Module Base: 827E4000 Module End: 827FB000 Hidden: No
Module Name: C:\Windows\System32\Drivers\PxHelp20.sys Service Name: PxHelp20 Module Base: 807BA000 Module End: 807C3000 Hidden: No
Module Name: C:\Windows\System32\Drivers\ksecdd.sys Service Name: KSecDD Module Base: 8B608000 Module End: 8B679000 Hidden: No
Module Name: C:\Windows\system32\drivers\ndis.sys Service Name: NDIS Module Base: 8B679000 Module End: 8B784000 Hidden: No
Module Name: C:\Windows\system32\drivers\msrpc.sys Service Name: MsRPC Module Base: 8B784000 Module End: 8B7AF000 Hidden: No
Module Name: C:\Windows\system32\drivers\NETIO.SYS Service Name: --- Module Base: 8B7AF000 Module End: 8B7E9000 Hidden: No
Module Name: C:\Windows\System32\drivers\tcpip.sys Service Name: Tcpip Module Base: 8B80F000 Module End: 8B8F8000 Hidden: No
Module Name: C:\Windows\System32\drivers\fwpkclnt.sys Service Name: --- Module Base: 8B8F8000 Module End: 8B913000 Hidden: No
Module Name: C:\Windows\System32\Drivers\Ntfs.sys Service Name: Ntfs Module Base: 8BA06000 Module End: 8BB15000 Hidden: No
Module Name: C:\Windows\system32\drivers\volsnap.sys Service Name: volsnap Module Base: 8BB15000 Module End: 8BB4E000 Hidden: No
Module Name: C:\Windows\system32\drivers\NIS\1100000.088\SYMDS.SYS Service Name: SymDS Module Base: 8BB4E000 Module End: 8BBA4000 Hidden: No
Module Name: C:\Windows\System32\Drivers\spldr.sys Service Name: spldr Module Base: 8BBA4000 Module End: 8BBAC000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\PBADRV.sys Service Name: PBADRV Module Base: 8BBAC000 Module End: 8BBB7000 Hidden: No
Module Name: C:\Windows\System32\Drivers\mup.sys Service Name: Mup Module Base: 8BBB7000 Module End: 8BBC6000 Hidden: No
Module Name: C:\Windows\System32\drivers\ecache.sys Service Name: Ecache Module Base: 8BBC6000 Module End: 8BBED000 Hidden: No
Module Name: C:\Windows\system32\drivers\disk.sys Service Name: disk Module Base: 8BBED000 Module End: 8BBFE000 Hidden: No
Module Name: C:\Windows\system32\drivers\CLASSPNP.SYS Service Name: --- Module Base: 8B913000 Module End: 8B934000 Hidden: No
Module Name: C:\Windows\system32\drivers\crcdisk.sys Service Name: crcdisk Module Base: 8B934000 Module End: 8B93D000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\tunnel.sys Service Name: tunnel Module Base: 8F2D4000 Module End: 8F2DF000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\tunmp.sys Service Name: tunmp Module Base: 8F2DF000 Module End: 8F2E8000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\nvlddmkm.sys Service Name: nvlddmkm Module Base: 8F600000 Module End: 8FD31000 Hidden: No
Module Name: C:\Windows\System32\drivers\dxgkrnl.sys Service Name: DXGKrnl Module Base: 8FD31000 Module End: 8FDD0000 Hidden: No
Module Name: C:\Windows\System32\drivers\watchdog.sys Service Name: --- Module Base: 8FDD0000 Module End: 8FDDD000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\e1y6032.sys Service Name: e1yexpress Module Base: 8F2E8000 Module End: 8F322000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\usbuhci.sys Service Name: usbuhci Module Base: 8FDDD000 Module End: 8FDE8000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\USBPORT.SYS Service Name: --- Module Base: 8F322000 Module End: 8F360000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\usbehci.sys Service Name: usbehci Module Base: 8FDE8000 Module End: 8FDF7000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\HDAudBus.sys Service Name: HDAudBus Module Base: 8F360000 Module End: 8F372000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\NETw5v32.sys Service Name: NETw5v32 Module Base: 8FE05000 Module End: 9018D000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\usbohci.sys Service Name: usbohci Module Base: 9018D000 Module End: 90197000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\pwi_oflt.sys Service Name: pwi_oflt Module Base: 90197000 Module End: 9019A000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\ohci1394.sys Service Name: ohci1394 Module Base: 9019A000 Module End: 901AA000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\1394BUS.SYS Service Name: --- Module Base: 901AA000 Module End: 901B8000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\sdbus.sys Service Name: sdbus Module Base: 901B8000 Module End: 901D2000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\rimmptsk.sys Service Name: rimmptsk Module Base: 901D2000 Module End: 901E1000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\i8042prt.sys Service Name: i8042prt Module Base: 901E1000 Module End: 901F4000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\Apfiltr.sys Service Name: ApfiltrService Module Base: 8F372000 Module End: 8F39F000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\mouclass.sys Service Name: mouclass Module Base: 901F4000 Module End: 901FF000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\kbdclass.sys Service Name: kbdclass Module Base: 8F39F000 Module End: 8F3AA000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\cdrom.sys Service Name: cdrom Module Base: 8F3AA000 Module End: 8F3C2000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\GEARAspiWDM.sys Service Name: GEARAspiWDM Module Base: 8FDF7000 Module End: 8FDFD000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\CmBatt.sys Service Name: CmBatt Module Base: 8FE00000 Module End: 8FE04000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\wmiacpi.sys Service Name: WmiAcpi Module Base: 8F3C2000 Module End: 8F3CB000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\intelppm.sys Service Name: intelppm Module Base: 8F3CB000 Module End: 8F3DA000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\msiscsi.sys Service Name: iScsiPrt Module Base: 8B94A000 Module End: 8B978000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\storport.sys Service Name: --- Module Base: 8B978000 Module End: 8B9B9000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\TDI.SYS Service Name: --- Module Base: 8F3DA000 Module End: 8F3E5000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\rasl2tp.sys Service Name: Rasl2tp Module Base: 8F3E5000 Module End: 8F3FC000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\ndistapi.sys Service Name: NdisTapi Module Base: 8B9B9000 Module End: 8B9C4000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\ndiswan.sys Service Name: NdisWan Module Base: 8B9C4000 Module End: 8B9E7000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\raspppoe.sys Service Name: RasPppoe Module Base: 8B9E7000 Module End: 8B9F6000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\raspptp.sys Service Name: PptpMiniport Module Base: 8B7E9000 Module End: 8B7FD000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\rassstp.sys Service Name: RasSstp Module Base: 807C3000 Module End: 807D8000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\rdpdr.sys Service Name: rdpdr Module Base: 90406000 Module End: 9048F000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\termdd.sys Service Name: TermDD Module Base: 9048F000 Module End: 9049F000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\mcdbus.sys Service Name: mcdbus Module Base: 9049F000 Module End: 904BC000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\SCSIPORT.SYS Service Name: --- Module Base: 904BC000 Module End: 904E2000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\swenum.sys Service Name: swenum Module Base: 904E2000 Module End: 904E4000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\ks.sys Service Name: --- Module Base: 904E4000 Module End: 9050E000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\mssmbios.sys Service Name: mssmbios Module Base: 9050E000 Module End: 90518000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\umbus.sys Service Name: umbus Module Base: 90518000 Module End: 90525000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\usbhub.sys Service Name: usbhub Module Base: 90525000 Module End: 90559000 Hidden: No
Module Name: C:\Windows\System32\Drivers\NDProxy.SYS Service Name: NDProxy Module Base: 90559000 Module End: 9056A000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\stwrt.sys Service Name: STHDA Module Base: 9056A000 Module End: 905CC000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\portcls.sys Service Name: --- Module Base: 905CC000 Module End: 905F9000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\drmk.sys Service Name: --- Module Base: 807D8000 Module End: 807FD000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\usbccgp.sys Service Name: usbccgp Module Base: 805B0000 Module End: 805C7000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\USBD.SYS Service Name: --- Module Base: 905F9000 Module End: 905FB000 Hidden: No
Module Name: C:\Windows\System32\Drivers\cvusbdrv.sys Service Name: cvusbdrv Module Base: 8B800000 Module End: 8B80B000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\usbccid.sys Service Name: USBCCID Module Base: 805C7000 Module End: 805D3000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\SMCLIB.SYS Service Name: --- Module Base: 805D3000 Module End: 805DE000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\OA001Vid.sys Service Name: OA001Vid Module Base: 9060D000 Module End: 90652000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\OA001Ufd.sys Service Name: OA001Ufd Module Base: 90652000 Module End: 90673000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\mozy.sys Service Name: mozyFilter Module Base: 90673000 Module End: 90686000 Hidden: No
Module Name: C:\Windows\System32\Drivers\Fs_Rec.SYS Service Name: Fs_Rec Module Base: 90686000 Module End: 9068F000 Hidden: No
Module Name: C:\Windows\System32\Drivers\Null.SYS Service Name: Null Module Base: 9068F000 Module End: 90696000 Hidden: No
Module Name: C:\Windows\System32\Drivers\Beep.SYS Service Name: Beep Module Base: 90696000 Module End: 9069D000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLARTL_M.SYS Service Name: DLARTL_M Module Base: 9069D000 Module End: 906A3000 Hidden: No
Module Name: C:\Windows\System32\drivers\vga.sys Service Name: vga Module Base: 906A3000 Module End: 906AF000 Hidden: No
Module Name: C:\Windows\System32\drivers\VIDEOPRT.SYS Service Name: --- Module Base: 906AF000 Module End: 906D0000 Hidden: No
Module Name: C:\Windows\System32\DRIVERS\RDPCDD.sys Service Name: RDPCDD Module Base: 906D0000 Module End: 906D8000 Hidden: No
Module Name: C:\Windows\system32\drivers\rdpencdd.sys Service Name: RDPENCDD Module Base: 906D8000 Module End: 906E0000 Hidden: No
Module Name: C:\Windows\System32\Drivers\fastfat.SYS Service Name: fastfat Module Base: 90701000 Module End: 90729000 Hidden: No
Module Name: C:\Windows\System32\Drivers\Msfs.SYS Service Name: Msfs Module Base: 90729000 Module End: 90734000 Hidden: No
Module Name: C:\Windows\System32\Drivers\Npfs.SYS Service Name: Npfs Module Base: 90734000 Module End: 90742000 Hidden: No
Module Name: C:\Windows\System32\DRIVERS\rasacd.sys Service Name: RasAcd Module Base: 90742000 Module End: 9074B000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\tdx.sys Service Name: tdx Module Base: 9074B000 Module End: 90761000 Hidden: No
Module Name: C:\Windows\system32\drivers\NIS\1100000.088\SYMTDIV.SYS Service Name: SYMTDIv Module Base: 90761000 Module End: 907BA000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\pwi_bus.sys Service Name: pwi_bus Module Base: 907BA000 Module End: 907C7000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\pwi_wh.sys Service Name: --- Module Base: 907C7000 Module End: 907C9000 Hidden: No
Module Name: \??\C:\Windows\system32\Drivers\SYMEVENT.SYS Service Name: SymEvent Module Base: 907C9000 Module End: 907EE000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\pwi_mdm.sys Service Name: pwi_mdm Module Base: 805DE000 Module End: 805F2000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\pwi_cm.sys Service Name: --- Module Base: 907EE000 Module End: 907F0000 Hidden: No
Module Name: C:\Windows\system32\drivers\modem.sys Service Name: Modem Module Base: 907F0000 Module End: 907FD000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\pwi_mdfl.sys Service Name: pwi_mdfl Module Base: 907FD000 Module End: 90800000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\pwi_serd.sys Service Name: pwi_serd Module Base: 9120C000 Module End: 9121C000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\smb.sys Service Name: Smb Module Base: 9121C000 Module End: 91230000 Hidden: No
Module Name: C:\Windows\system32\drivers\afd.sys Service Name: AFD Module Base: 91230000 Module End: 91278000 Hidden: No
Module Name: C:\Windows\System32\DRIVERS\netbt.sys Service Name: netbt Module Base: 91278000 Module End: 912AA000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\pacer.sys Service Name: PSched Module Base: 912AA000 Module End: 912C0000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\netbios.sys Service Name: NetBIOS Module Base: 912C0000 Module End: 912CE000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\wanarp.sys Service Name: Wanarp Module Base: 912CE000 Module End: 912E1000 Hidden: No
Module Name: C:\Windows\system32\drivers\NIS\1100000.088\Ironx86.SYS Service Name: SymIRON Module Base: 912E1000 Module End: 91300000 Hidden: No
Module Name: C:\Windows\system32\drivers\NIS\1100000.088\SRTSPX.SYS Service Name: SRTSPX Module Base: 91300000 Module End: 9130A000 Hidden: No
Module Name: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys Service Name: SASKUTIL Module Base: 9130A000 Module End: 9132F000 Hidden: No
Module Name: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS Service Name: SASDIFSV Module Base: 9132F000 Module End: 91335000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\rdbss.sys Service Name: rdbss Module Base: 91335000 Module End: 91371000 Hidden: No
Module Name: C:\Windows\system32\drivers\nsiproxy.sys Service Name: nsiproxy Module Base: 91371000 Module End: 9137B000 Hidden: No
Module Name: \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20090828.002\IDSVix86.sys Service Name: IDSVix86 Module Base: 9137B000 Module End: 913D3000 Hidden: No
Module Name: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys Service Name: eeCtrl Module Base: 91800000 Module End: 9185E000 Hidden: No
Module Name: C:\Windows\system32\drivers\csc.sys Service Name: CSC Module Base: 9185E000 Module End: 918B8000 Hidden: No
Module Name: C:\Windows\System32\Drivers\dfsc.sys Service Name: DfsC Module Base: 918B8000 Module End: 918CF000 Hidden: No
Module Name: C:\Windows\system32\drivers\NIS\1100000.088\ccHPx86.sys Service Name: ccHP Module Base: 918CF000 Module End: 9194E000 Hidden: No
Module Name: \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20090829.001\BHDrvx86.sys Service Name: BHDrvx86 Module Base: 9194E000 Module End: 919CE000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\udfs.sys Service Name: udfs Module Base: 8F200000 Module End: 8F23B000 Hidden: No
Module Name: C:\Windows\System32\Drivers\crashdmp.sys Service Name: --- Module Base: 919CE000 Module End: 919DB000 Hidden: No
Module Name: \SystemRoot\System32\Drivers\dump_iaStor.sys Service Name: --- Module Base: 95003000 Module End: 950D3000 Hidden: Yes
Module Name: C:\Windows\System32\drivers\Dxapi.sys Service Name: --- Module Base: 950D3000 Module End: 950DD000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\monitor.sys Service Name: monitor Module Base: 950DD000 Module End: 950EC000 Hidden: No
Module Name: \systemroot\win32k.sys:1 Service Name: --- Module Base: 950EC000 Module End: 950F1000 Hidden: Yes
Module Name: \systemroot\win32k.sys:2 Service Name: --- Module Base: 950F1000 Module End: 95100000 Hidden: Yes
Module Name: C:\Windows\system32\drivers\luafv.sys Service Name: luafv Module Base: 95100000 Module End: 9511B000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\CDAVFS.sys Service Name: CDAVFS Module Base: 9511B000 Module End: 9512A000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DRVNDDM.SYS Service Name: DRVNDDM Module Base: 9512A000 Module End: 95135000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLADResM.SYS Service Name: DLADResM Module Base: 95135000 Module End: 95136000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLAIFS_M.SYS Service Name: DLAIFS_M Module Base: 95136000 Module End: 9514F000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLAOPIOM.SYS Service Name: DLAOPIOM Module Base: 9514F000 Module End: 95155000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLAPoolM.SYS Service Name: DLAPoolM Module Base: 95155000 Module End: 95158000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLABMFSM.SYS Service Name: DLABMFSM Module Base: 95158000 Module End: 95160000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLABOIOM.SYS Service Name: DLABOIOM Module Base: 95160000 Module End: 95167000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLAUDFAM.SYS Service Name: DLAUDFAM Module Base: 95167000 Module End: 9517D000 Hidden: No
Module Name: C:\Windows\System32\Drivers\DLAUDF_M.SYS Service Name: DLAUDF_M Module Base: 9517D000 Module End: 95194000 Hidden: No
Module Name: C:\Windows\system32\drivers\spsys.sys Service Name: --- Module Base: A5008000 Module End: A50B7000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\lltdio.sys Service Name: lltdio Module Base: A50B7000 Module End: A50C7000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\nwifi.sys Service Name: NativeWifiP Module Base: A50C7000 Module End: A50F1000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\ndisuio.sys Service Name: Ndisuio Module Base: A50F1000 Module End: A50FB000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\rspndr.sys Service Name: rspndr Module Base: A50FB000 Module End: A510E000 Hidden: No
Module Name: C:\Windows\system32\drivers\HTTP.sys Service Name: HTTP Module Base: A510E000 Module End: A5179000 Hidden: No
Module Name: C:\Windows\System32\DRIVERS\srvnet.sys Service Name: srvnet Module Base: A5179000 Module End: A5196000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\bowser.sys Service Name: bowser Module Base: A5196000 Module End: A51AF000 Hidden: No
Module Name: C:\Windows\System32\drivers\mpsdrv.sys Service Name: mpsdrv Module Base: A51AF000 Module End: A51C4000 Hidden: No
Module Name: C:\Windows\system32\drivers\mrxdav.sys Service Name: MRxDAV Module Base: A51C4000 Module End: A51E4000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\mrxsmb.sys Service Name: mrxsmb Module Base: 95194000 Module End: 951B3000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\mrxsmb10.sys Service Name: mrxsmb10 Module Base: 951B3000 Module End: 951EC000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\mrxsmb20.sys Service Name: mrxsmb20 Module Base: A51E4000 Module End: A51FC000 Hidden: No
Module Name: C:\Windows\System32\DRIVERS\srv2.sys Service Name: srv2 Module Base: 913D3000 Module End: 913FA000 Hidden: No
Module Name: C:\Windows\System32\DRIVERS\srv.sys Service Name: srv Module Base: 8F23B000 Module End: 8F287000 Hidden: No
Module Name: C:\Windows\system32\drivers\peauth.sys Service Name: PEAUTH Module Base: A7000000 Module End: A70DE000 Hidden: No
Module Name: C:\Windows\System32\Drivers\secdrv.SYS Service Name: secdrv Module Base: A70DE000 Module End: A70E8000 Hidden: No
Module Name: C:\Windows\System32\drivers\tcpipreg.sys Service Name: tcpipreg Module Base: A70E8000 Module End: A70F4000 Hidden: No
Module Name: C:\Windows\system32\DRIVERS\cdfs.sys Service Name: cdfs Module Base: A70F4000 Module End: A710A000 Hidden: No
******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwAlertResumeThread Address: 92732670 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwAlertThread Address: 923E0048 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwAllocateVirtualMemory Address: 92A59C18 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwAlpcConnectPort Address: 8AF24610 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwAssignProcessToJobObject Address: 8B496D10 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwCreateMutant Address: 92A59428 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwCreateSymbolicLinkObject Address: 92A77FC0 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwCreateThread Address: 92A5B378 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwDebugActiveProcess Address: 92732278 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwDuplicateObject Address: 92A59D70 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwFreeVirtualMemory Address: 92A599A8 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwImpersonateAnonymousToken Address: 8AF24830 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwImpersonateThread Address: 91DFC130 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwLoadDriver Address: 8AEB14E8 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwMapViewOfSection Address: 92A598C8 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwOpenEvent Address: 9218B048 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwOpenProcess Address: 92A59F10 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwOpenProcessToken Address: 921A5048 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwOpenSection Address: 91DFE0B8 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwOpenThread Address: 92A59E40 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwProtectVirtualMemory Address: 92A2F950 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwResumeThread Address: 921AC048 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwSetContextThread Address: 8B5A3D58 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwSetInformationProcess Address: 92A59770 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwSetSystemInformation Address: 925EAAA8 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwSuspendProcess Address: 927C3308 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwSuspendThread Address: 921A7048 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwTerminateProcess Address: 8B528110 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwTerminateThread Address: 921AD048 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwUnmapViewOfSection Address: 9218C048 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwWriteVirtualMemory Address: 92A59B48 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
Function Name: ZwCreateThreadEx Address: 92A77CB8 Driver Base: 0 Driver End: 0 Driver Name: _unknown_
******************************************************************************************
******************************************************************************************
Kernel Hooks:
Hooked Function: ZwSaveKeyEx At Address: 8229C62A Jump To: 8AE8CC42 Module Name: _unknown_
Hooked Function: ZwSaveKey At Address: 8229C523 Jump To: 8AE642C2 Module Name: _unknown_
Hooked Function: ZwFlushInstructionCache At Address: 821F930B Jump To: 8AE9857C Module Name: _unknown_
Hooked Function: ZwEnumerateKey At Address: 8224EBA2 Jump To: 8AE8CC0C Module Name: _unknown_
Hooked Function: IofCompleteRequest At Address: 82080FE2 Jump To: 8AE9842B Module Name: _unknown_
Hooked Function: IofCallDriver At Address: 82102F6F Jump To: 8AE642FA Module Name: _unknown_
******************************************************************************************
******************************************************************************************
No IRP Hooks found
******************************************************************************************
******************************************************************************************
Ports:
Local Address: JULIE-DELL:50181 Remote Address: A96-17-160-113.DEPLOY.AKAMAITECHNOLOGIES.COM:HTTP Type: TCP Process: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe State: ESTABLISHED
Local Address: JULIE-DELL:50180 Remote Address: A96-17-160-113.DEPLOY.AKAMAITECHNOLOGIES.COM:HTTP Type: TCP Process: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe State: ESTABLISHED
Local Address: JULIE-DELL:50179 Remote Address: A96-17-160-113.DEPLOY.AKAMAITECHNOLOGIES.COM:HTTP Type: TCP Process: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe State: ESTABLISHED
Local Address: JULIE-DELL:50178 Remote Address: A96-17-160-113.DEPLOY.AKAMAITECHNOLOGIES.COM:HTTP Type: TCP Process: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe State: ESTABLISHED
Local Address:
JULIE-DELL:50177 Remote Address: A96-17-160-113.DEPLOY.AKAMAITECHNOLOGIES.COM:HTTP Type: TCP Process: C:\Users\jvpierce\AppData\Local\Google\Chrome\Application\chrome.exe State: ESTABLISHED Local Address: JULIE-DELL:NETBIOS-SSN Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: JULIE-DELL:49171 Remote Address: LOCALHOST:27015 Type: TCP Process: C:\Program Files\iTunes\iTunesHelper.exe State: ESTABLISHED Local Address: JULIE-DELL:27015 Remote Address: LOCALHOST:49171 Type: TCP Process: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe State: ESTABLISHED Local Address: JULIE-DELL:27015 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe State: LISTENING Local Address: JULIE-DELL:7438 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: JULIE-DELL:DCCM Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: JULIE-DELL:5354 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: LISTENING Local Address: JULIE-DELL:49157 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\services.exe State: LISTENING Local Address: JULIE-DELL:49156 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: JULIE-DELL:49155 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: JULIE-DELL:49154 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\lsass.exe State: LISTENING Local Address: JULIE-DELL:49153 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: JULIE-DELL:49152 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\wininit.exe State: LISTENING Local Address: JULIE-DELL:5357 Remote 
Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: JULIE-DELL:FTPS Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: JULIE-DELL:MICROSOFT-DS Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: JULIE-DELL:EPMAP Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: JULIE-DELL:53730 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:5353 Remote Address: NA Type: UDP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: NA Local Address: JULIE-DELL:SSDP Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:138 Remote Address: NA Type: UDP Process: System State: NA Local Address: JULIE-DELL:NETBIOS-NS Remote Address: NA Type: UDP Process: System State: NA Local Address: JULIE-DELL:53731 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:SSDP Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:59702 Remote Address: NA Type: UDP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: NA Local Address: JULIE-DELL:50219 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:49154 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:49152 Remote Address: NA Type: UDP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: NA Local Address: JULIE-DELL:LLMNR Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:IPSEC-MSFT Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:UPNP-DISCOVERY Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local 
Address: JULIE-DELL:UPNP-DISCOVERY Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:500 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: JULIE-DELL:123 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA