First off, thanks for the assistance. I really appreciate it.
1. No, this computer is a personal-use computer.
2.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_24
Run by Nick at 18:43:10 on 2011-06-23
Microsoft® Windows Vista™ Enterprise 6.0.6002.2.1252.1.1033.18.2006.510 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AEADISRV.EXE
C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Lenovo\System Update\SUService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Prevx\prevx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Live\Companion\companionuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: SafeOnline BHO: {69d72956-317c-44bd-b369-8e44d4ef9801} - c:\windows\system32\PxSecure.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [usoRDPRVVkvyke] c:\programdata\usoRDPRVVkvyke.exe
uRun: [wImmllaMmJiOJ] c:\programdata\wImmllaMmJiOJ.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... AA4ADYARwA"&"inst=NwA3AC0ANAAxADQANwA4ADIAMQAyADQALQBGAFAAOQArADYALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAyAC0AWABPADkAKwAxAC0ARgA5AE0AMgArADEA"&"prod=90"&"ver=9.0.894
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\device~1.lnk - c:\program files\pixela\mediabrowser le\MBCameraMonitor.exe
mPolicies-explorer: UseDefaultTile = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
mPolicies-system: DisableCAD = 1 (0x1)
mPolicies-system: LogonType = 0 (0x0)
dPolicies-explorer: NoWelcomeScreen = 1 (0x1)
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoStrCmpLogical = 1 (0x1)
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.co ... 1.71.0.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-be ... canner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://wireless.net.uts.edu.au/dana-ca ... Client.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{70AC67CB-D1F5-457F-B88E-E9D79F2C5DE1} : DhcpNameServer = 68.87.77.134 68.87.72.134
TCP: Interfaces\{D26F9DC7-1359-48AF-B886-552ADB374F12} : DhcpNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\abc\appdata\roaming\mozilla\firefox\profiles\guul31uy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.coachingactuaries.com/Exams/ ... ourse.aspx
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=n ... t&hl=en&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\abc\appdata\roaming\mozilla\firefox\profiles\guul31uy.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\abc\appdata\roaming\mozilla\firefox\profiles\guul31uy.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\abc\appdata\roaming\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\users\abc\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\abc\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-10-13 64288]
R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [2011-6-21 32008]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2008-7-22 13744]
R1 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [2011-6-21 76696]
R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys [2011-6-19 18816]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]
R2 CSIScanner;CSIScanner;c:\program files\prevx\prevx.exe [2011-6-21 6416120]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-8-12 1378040]
R2 smihlp;SMI Helper Driver (smihlp);c:\program files\common files\thinkvantage fingerprint software\drivers\smihlp.sys [2006-12-8 11152]
R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2008-3-26 55936]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-8-12 15264]
R3 LenovoRd;LenovoRd;c:\windows\system32\drivers\LenovoRd.sys [2008-7-2 81280]
R3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [2011-6-21 26096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 9D6B9DBA;9D6B9DBA;c:\windows\system32\9d6b9dba.exe --> c:\windows\system32\9D6B9DBA.exe [?]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-22 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\drivers\iaNvStor.sys [2008-7-2 220696]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2011-06-23 13:57:46 -------- d-----w- c:\program files\Trend Micro
2011-06-23 13:57:14 -------- d-s---w- C:\ComboFixes28233C
2011-06-23 13:55:45 -------- d-s---w- C:\ComboFixes20118C
2011-06-22 00:41:37 -------- d-----w- c:\program files\ESET
2011-06-22 00:22:12 71880 ----a-w- c:\windows\system32\PxSecure.dll
2011-06-22 00:22:11 76696 ----a-w- c:\windows\system32\drivers\pxrts.sys
2011-06-22 00:22:11 32008 ----a-w- c:\windows\system32\drivers\pxscan.sys
2011-06-22 00:22:11 26096 ----a-w- c:\windows\system32\drivers\pxkbf.sys
2011-06-22 00:22:11 -------- d-----w- c:\program files\Prevx
2011-06-22 00:22:05 -------- d-----w- c:\programdata\PrevxCSI
2011-06-21 23:59:14 -------- d-s---w- C:\ComboFixes2234C
2011-06-21 23:23:57 -------- d-s---w- C:\ComboFixes31848C
2011-06-21 23:02:34 -------- d-s---w- C:\ComboFixes21469C
2011-06-21 22:21:21 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{57219340-bb7d-4b67-9812-9336244f162a}\mpengine.dll
2011-06-21 21:49:46 -------- d-s---w- C:\ComboFixes23954C
2011-06-21 21:41:23 -------- d-s---w- C:\ComboFixes
2011-06-21 16:42:27 -------- d-----w- c:\users\abc\appdata\local\Adobe
2011-06-21 04:53:11 -------- d-----w- c:\users\abc\appdata\local\Apps
2011-06-20 15:20:15 -------- d-----w- c:\users\abc\appdata\local\Apple
2011-06-20 15:20:00 -------- d-----w- c:\users\abc\appdata\local\Apple Computer
2011-06-19 14:59:29 18816 ------w- c:\windows\system32\SAVRKBootTasks.sys
2011-06-19 04:29:11 -------- d-----w- c:\users\abc\appdata\local\Google
2011-06-19 03:19:49 -------- d-----w- c:\program files\Sophos
2011-06-19 03:05:10 -------- d-sh--w- C:\$RECYCLE.BIN
2011-06-16 16:21:58 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 16:21:58 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 16:21:58 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 16:21:55 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-06-12 19:23:18 -------- d-----w- c:\users\abc\appdata\local\temp
2011-06-12 05:06:41 -------- d-----w- c:\users\abc\appdata\roaming\Malwarebytes
2011-06-12 05:06:13 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-12 05:06:11 -------- d-----w- c:\programdata\Malwarebytes
2011-06-12 05:06:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-29 04:03:02 -------- d-----w- c:\windows\system32\Updates
2011-05-29 04:03:01 -------- d-----w- c:\windows\system32\Data
.
==================== Find3M ====================
.
2011-05-28 06:08:58 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04:17 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 06:04:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-28 05:10:26 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:33:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-28 04:31:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-25 00:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-02 17:16:14 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 13:25:10 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 13:25:09 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-21 13:58:27 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-19 19:19:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-17 00:26:20 15880 ----a-w- c:\windows\system32\lsdelete.exe
2011-04-14 14:59:03 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
.
============= FINISH: 18:44:05.88 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft® Windows Vista™ Enterprise
Boot Device: \Device\HarddiskVolume1
Install Date: 10/6/2008 8:24:13 AM
System Uptime: 6/23/2011 8:44:20 AM (10 hours ago)
.
Motherboard: LENOVO | | 64634XU
Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz | None | 2001/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 9.905 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0000
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0000
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
.
==== System Restore Points ===================
.
RP1097: 6/16/2011 9:22:44 AM - Scheduled Checkpoint
RP1098: 6/16/2011 11:14:49 AM - Windows Update
RP1099: 6/17/2011 11:04:14 AM - Windows Update
RP1100: 6/17/2011 11:29:18 AM - Windows Update
RP1101: 6/19/2011 3:00:18 AM - Windows Update
RP1102: 6/21/2011 12:28:01 AM - Scheduled Checkpoint
RP1103: 6/21/2011 5:20:21 PM - Windows Update
RP1104: 6/23/2011 10:28:35 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Akamai NetSession Interface
Curse Client
ESET Online Scanner v3
GameRanger
HijackThis 2.0.2
Juniper Networks Setup Client
Microsoft .NET Framework 4 Client Profile
Move Media Player
Prevx
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
.
==== Event Viewer Messages From Past Week ========
.
6/23/2011 6:44:06 PM, Error: disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0.
6/23/2011 6:41:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the 9D6B9DBA service to connect.
6/23/2011 6:41:27 PM, Error: Service Control Manager [7000] - The 9D6B9DBA service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
3.
Results of screen317's Security Check version 0.99.15
Windows Vista Service Pack 2
(UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
ESET Online Scanner v3
Prevx
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
HijackThis 2.0.2
````````````````````````````````
Process Check:
objlist.exe by Laurent
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Trend Micro HijackThis HijackThis.exe
``````````End of Log````````````
4.
RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #2
==============================================
>Drivers
==============================================
0x8C80F000 C:\Windows\system32\DRIVERS\igdkmd32.sys 7315456 bytes (Intel Corporation, Intel Graphics Kernel Mode Driver)
0x82201000 C:\Windows\system32\ntkrnlpa.exe 3907584 bytes (Microsoft Corporation, NT Kernel & System)
0x82201000 PnpManager 3907584 bytes
0x82201000 RAW 3907584 bytes
0x82201000 WMIxWDM 3907584 bytes
0x8D203000 C:\Windows\system32\DRIVERS\NETw4v32.sys 2289664 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0x98470000 Win32k 2113536 bytes
0x98470000 C:\Windows\System32\win32k.sys 2113536 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x88604000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT File System Driver)
0x88203000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x8FC04000 C:\Windows\system32\DRIVERS\HSF_DPV.sys 991232 bytes (Conexant Systems, Inc., HSF_DP driver)
0x88407000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x806D9000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xAF205000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x8D093000 C:\Windows\system32\DRIVERS\btkrnl.sys 851968 bytes (Broadcom Corporation., Bluetooth Bus Enumerator)
0x8850C000 C:\Windows\System32\Drivers\dump_iaStor.sys 819200 bytes
0x88006000 C:\Windows\system32\drivers\iastor.sys 819200 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x8FCF6000 C:\Windows\system32\DRIVERS\HSF_CNXT.sys 733184 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0x81A0F000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x8CF09000 C:\Windows\System32\drivers\dxgkrnl.sys 655360 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0xAE2F0000 C:\Windows\system32\Drivers\CVPNDRVA.sys 589824 bytes (Cisco Systems, Inc., Cisco Systems VPN Client IPSec Driver)
0x8D006000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x8D80D000 C:\Windows\system32\DRIVERS\rdpdr.sys 561152 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0x87E05000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x88145000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x8060F000 C:\Windows\system32\mcupdate_GenuineIntel.dll 458752 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x81B16000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x90AF6000 C:\Windows\system32\drivers\csc.sys 372736 bytes (Microsoft Corporation, Windows Client Side Caching Driver)
0x8D93E000 C:\Windows\system32\drivers\ADIHdAud.sys 368640 bytes (Analog Devices, Inc., High Definition Audio Function Driver)
0x8D48D000 C:\Windows\system32\DRIVERS\rixdptsk.sys 331776 bytes (REDC, RICOH XD SM Driver)
0xAE280000 C:\Windows\System32\DRIVERS\srv.sys 323584 bytes (Microsoft Corporation, Server driver)
0x87F37000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x90A01000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x87E8E000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x80698000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x8D163000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x88374000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x90AAE000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x88339000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x8CFB5000 C:\Windows\system32\DRIVERS\e1e6032.sys 233472 bytes (Intel Corporation, Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver)
0xAE207000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x88714000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8D8EF000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x881B6000 C:\Windows\system32\DRIVERS\HSFHWAZL.sys 212992 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0x825BB000 ACPI_HAL 208896 bytes
0x825BB000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xAF310000 C:\Windows\System32\Drivers\RDPWD.SYS 208896 bytes (Microsoft Corporation, RDP Terminal Stack Driver)
0x880F4000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x807CD000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8D5B2000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x87F9D000 C:\Windows\system32\DRIVERS\pcmcia.sys 184320 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0x8D998000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8830E000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8D51A000 C:\Windows\system32\DRIVERS\SynTP.sys 176128 bytes (Synaptics, Inc., Synaptics Touchpad Driver)
0x8D8AE000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x81ACF000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0xAE258000 C:\Windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x88764000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x87EE5000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x8D9C5000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x8878B000 C:\Windows\System32\DRIVERS\fvevol.sys 147456 bytes (Microsoft Corporation, BitLocker Drive Encryption Driver)
0x8D1BB000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x887C0000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x81BCE000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x883DB000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x90BBC000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x880D6000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x8D589000 C:\Windows\system32\DRIVERS\dne2000.sys 122880 bytes (Deterministic Networks, Inc., Deterministic Network Enhancer)
0x81B83000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x884F1000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x90B9F000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x8D450000 C:\Windows\system32\DRIVERS\sdbus.sys 106496 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0x81BA0000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x8D562000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xAE240000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x90B51000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x8D1A4000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xAF343000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x90A49000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x881EA000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0x81BB9000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x883C6000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x87FE0000 C:\Windows\System32\Drivers\LenovoRd.sys 81920 bytes (Lenovo, Smart Card Reader Driver)
0x883B2000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x8D479000 C:\Windows\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0x807B9000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x8D4DE000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0x81B03000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x90A87000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x887AF000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x90B75000 C:\Windows\System32\Drivers\dump_dumpfve.sys 69632 bytes
0x8D92D000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x8067F000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x8FDB6000 C:\Windows\System32\drivers\pxrts.sys 69632 bytes (Prevx, Prevx Realtime Security)
0x8FDCC000 C:\Windows\System32\Drivers\btwusb.sys 65536 bytes (Broadcom Corporation., Driver for Bluetooth USB Devices)
0x88126000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x8D4F3000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x81ABF000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x87FCA000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x8D432000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x8D896000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x885F0000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x88136000 C:\Windows\system32\DRIVERS\Lbd.sys 61440 bytes (Lavasoft AB, Boot Driver)
0x90B90000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x88755000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x87F0C000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x8D1DE000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8D46A000 C:\Windows\system32\DRIVERS\rimmptsk.sys 61440 bytes (REDC, RICOH SD Driver)
0x8C800000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x87F28000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x8D442000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x986B0000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x90A5F000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8D1ED000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x87F88000 C:\Windows\system32\DRIVERS\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x90B68000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x8FDA9000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x8D8E2000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x87E81000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0xAF2ED000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0xAF304000 C:\Windows\System32\DRIVERS\tssecsrv.sys 49152 bytes (Microsoft Corporation, TS Security Filter Driver)
0x8FDF3000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8CFA9000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x8D5A7000 C:\Windows\system32\DRIVERS\dsNcAdpt.sys 45056 bytes (Juniper Networks, dsNcAdapter)
0x8D50F000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x8D547000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x8D800000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8D5EC000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x885E5000 C:\Windows\System32\Drivers\SMCLIB.SYS 45056 bytes (Microsoft Corporation, Smard Card Driver Library)
0x87FF4000 C:\Windows\System32\Drivers\tcusb.sys 45056 bytes (UPEK Inc., TouchChip USB Kernel Driver)
0x8D5E1000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0xAF2F9000 C:\Windows\system32\drivers\tdtcp.sys 45056 bytes (Microsoft Corporation, TCP Transport Driver)
0x8CFEE000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x87F1E000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x90B86000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8D8D8000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x81AF9000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x90AEA000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0xAF2E3000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0xAE2CF000 C:\Windows\system32\DRIVERS\asyncmac.sys 36864 bytes (Microsoft Corporation, MS Remote Access serial network driver)
0xAF374000 C:\Windows\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0x887E1000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x8FDDC000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x8D924000 C:\Windows\system32\DRIVERS\kbdhid.sys 36864 bytes (Microsoft Corporation, HID Keyboard Filter Driver)
0x8D5F7000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x98690000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x887F7000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8D580000 C:\Windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x87ED4000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x880CE000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x8D552000 C:\Windows\system32\DRIVERS\atmeltpm.sys 32768 bytes (Atmel, Inc., Atmel TPM Driver)
0x80690000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0xAF35E000 C:\Users\abc\AppData\Local\Temp\catchme.sys 32768 bytes
0x87EDD000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8D9EA000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8D9F2000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x90AA6000 C:\Windows\System32\drivers\Smapint.sys 32768 bytes (Microsoft Corporation, SMAPI I/O)
0x8874D000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8FDEC000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x8D503000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x87F81000 C:\Windows\system32\DRIVERS\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x80608000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xAF36D000 C:\Users\abc\AppData\Local\Temp\mbr.sys 28672 bytes
0x8FDE5000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x87F96000 C:\Windows\system32\drivers\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x8D57A000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x8D8A6000 C:\Windows\system32\DRIVERS\psadd.sys 24576 bytes (Lenovo (United States) Inc., SMBIOS Driver)
0x87FDA000 C:\Windows\System32\drivers\pxscan.sys 24576 bytes (Prevx, Prevx Scanner)
0x90AA0000 C:\Windows\System32\drivers\TDSMAPI.SYS 24576 bytes
0x90A9A000 C:\Windows\System32\drivers\Tppwr32v.sys 24576 bytes
0x8D50A000 C:\Windows\System32\drivers\pxkbf.sys 20480 bytes (Prevx, Prevx Keyboard Security)
0x8FDC7000 C:\Windows\system32\SAVRKBootTasks.sys 20480 bytes (Sophos Plc, Sophos boot tasks for Windows 2000)
0x8D55A000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0x8D55E000 C:\Windows\system32\DRIVERS\ibmpmdrv.sys 16384 bytes (Lenovo., ThinkPad Power Management Driver)
0xAE380000 C:\Windows\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0x87F1B000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xAF359000 C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys 12288 bytes
0xAF35C000 C:\Windows\system32\Drivers\PROCEXP113.SYS 8192 bytes
0x90BBA000 C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys 8192 bytes (UPEK Inc., SMI helper driver)
0x90AF4000 C:\Windows\system32\DRIVERS\smiif32.sys 8192 bytes (Lenovo Group Limited, SMI Driver for Lenovo system)
0x8D8AC000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x8D4F1000 C:\Windows\system32\DRIVERS\tkbtnpn.sys 8192 bytes (Lenovo, ThinkPad Tablet Keyboard and Buttons HID Driver)
0x8D545000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================
0x88714000 WARNING: Virus alike driver modification [volsnap.sys], 233472 bytes
0x86966288 Unknown page with executable code, 3448 bytes
0x8696AE7A Unknown thread object [ ETHREAD 0x86935D78 ] TID: 300, 600 bytes
0x8696D008 Unknown thread object [ ETHREAD 0x86B95AA0 ] TID: 304, 600 bytes
==============================================
>Files
==============================================
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x000A87AA, Type: Inline - RelativeJump 0x822A97AA-->822A97B1 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000AC914, Type: Inline - RelativeJump 0x822AD914-->822AD8F5 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000AC9A4, Type: Inline - RelativeJump 0x822AD9A4-->822AD986 [ntkrnlpa.exe]
[1556]plugin-container.exe-->kernel32.dll-->GetCurrentProcess, Type: IAT modification 0x00402008-->59002683 [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->GetCurrentProcessId, Type: IAT modification 0x00402014-->5FBE7C10 [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->GetCurrentThreadId, Type: IAT modification 0x00402030-->FF331000 [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->GetSystemTimeAsFileTime, Type: IAT modification 0x00402010-->00B880FE [QuickTime.dll]
[1556]plugin-container.exe-->kernel32.dll-->GetTickCount, Type: IAT modification 0x00402018-->3353C35E [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->InterlockedCompareExchange, Type: IAT modification 0x00402024-->E8057557 [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->InterlockedExchange, Type: IAT modification 0x0040202C-->ACE4358B [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->IsDebuggerPresent, Type: IAT modification 0x00402000-->E836FFE2 [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->QueryPerformanceCounter, Type: IAT modification 0x0040201C-->8C1D39DB [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->SetUnhandledExceptionFilter, Type: IAT modification 0x00402020-->561000B8 [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->Sleep, Type: IAT modification 0x00402028-->00001F83 [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->TerminateProcess, Type: IAT modification 0x0040200C-->8104C683 [unknown_code_page]
[1556]plugin-container.exe-->kernel32.dll-->UnhandledExceptionFilter, Type: IAT modification 0x00402004-->FFFFFC11 [unknown_code_page]
[2828]SUService.exe-->advapi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77C8151C-->6FB5F4C6 [AcGenral.dll]
[2828]SUService.exe-->advapi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77C816D0-->6FB60F61 [AcGenral.dll]
[2828]SUService.exe-->advapi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77C81664-->6FB5F635 [AcGenral.dll]
[2828]SUService.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->701C4618 [shimeng.dll]
[2828]SUService.exe-->advapi32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77C81668-->6FB5F6FF [AcGenral.dll]
[2828]SUService.exe-->advapi32.dll-->kernel32.dll-->OpenFile, Type: IAT modification 0x77C81514-->6FB5F854 [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->advapi32.dll-->RegCreateKeyExA, Type: IAT modification 0x73C01004-->6FB600FA [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x73C01000-->6FB60209 [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x73C0106C-->6FB608C9 [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x73C0100C-->6FB60311 [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x73C01008-->6FB603E5 [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x73C01088-->6FB606CB [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x73C01054-->6FB60777 [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->kernel32.dll-->CreateFileA, Type: IAT modification 0x73C0139C-->6FB60E45 [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x73C01298-->6FB60F61 [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x73C01324-->6FB5F635 [AcGenral.dll]
[2828]SUService.exe-->crypt32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x73C01288-->701C4618 [shimeng.dll]
[2828]SUService.exe-->crypt32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x73C01328-->6FB5FB76 [AcGenral.dll]
[2828]SUService.exe-->gdi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77B61130-->6FB5F4C6 [AcGenral.dll]
[2828]SUService.exe-->gdi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77B6119C-->6FB60F61 [AcGenral.dll]
[2828]SUService.exe-->gdi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77B611BC-->6FB5F635 [AcGenral.dll]
[2828]SUService.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->701C4618 [shimeng.dll]
[2828]SUService.exe-->shell32.dll-->advapi32.dll-->AccessCheck, Type: IAT modification 0x768E1C04-->6FB5F40A [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x768E1B34-->6FB60209 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->advapi32.dll-->RegCreateKeyW, Type: IAT modification 0x768E1CB8-->6FB60068 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x768E1B54-->6FB608C9 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x768E1CFC-->6FB60311 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x768E1B2C-->6FB603E5 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x768E1B30-->6FB60777 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->advapi32.dll-->RegSetValueW, Type: IAT modification 0x768E1B74-->6FB60623 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->advapi32.dll-->SetFileSecurityW, Type: IAT modification 0x768E1CC8-->6FB609C4 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x768E125C-->6FB5F4C6 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x768E1460-->6FB60F61 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x768E13B4-->6FB5F635 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->701C4618 [shimeng.dll]
[2828]SUService.exe-->shell32.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x768E13C0-->6FB5F7E4 [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x768E130C-->6FB5F6FF [AcGenral.dll]
[2828]SUService.exe-->shell32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x768E13B8-->6FB5FB76 [AcGenral.dll]
[2828]SUService.exe-->user32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x77D51548-->6FB60209 [AcGenral.dll]
[2828]SUService.exe-->user32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x77D51528-->6FB603E5 [AcGenral.dll]
[2828]SUService.exe-->user32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x77D51550-->6FB60777 [AcGenral.dll]
[2828]SUService.exe-->user32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77D511A8-->6FB5F4C6 [AcGenral.dll]
[2828]SUService.exe-->user32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77D512B8-->6FB60F61 [AcGenral.dll]
[2828]SUService.exe-->user32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77D511B0-->6FB5F635 [AcGenral.dll]
[2828]SUService.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->701C4618 [shimeng.dll]
[2828]SUService.exe-->user32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77D511AC-->6FB5F6FF [AcGenral.dll]
[2828]SUService.exe-->ws2_32.dll-->advapi32.dll-->RegCreateKeyExA, Type: IAT modification 0x4B0D1104-->6FB600FA [AcGenral.dll]
[2828]SUService.exe-->ws2_32.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x4B0D110C-->6FB60311 [AcGenral.dll]
[2828]SUService.exe-->ws2_32.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x4B0D1114-->6FB606CB [AcGenral.dll]
[2828]SUService.exe-->ws2_32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x4B0D1110-->6FB60777 [AcGenral.dll]
[2828]SUService.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->701C4618 [shimeng.dll]
[4988]plugin-container.exe-->user32.dll-->GetWindowInfo, Type: Inline - RelativeJump 0x76F9428E-->642F7187 [xul.dll]
[4988]plugin-container.exe-->user32.dll-->SetWindowLongA, Type: Inline - RelativeJump 0x76F8E7CD-->644C8DD9 [xul.dll]
[4988]plugin-container.exe-->user32.dll-->SetWindowLongW, Type: Inline - RelativeJump 0x76F913B4-->644C8D6B [xul.dll]
[4988]plugin-container.exe-->user32.dll-->TrackPopupMenu, Type: Inline - RelativeJump 0x76FA14F3-->642F7781 [xul.dll]
[5252]iexplore.exe-->advapi32.dll-->CredEnumerateW, Type: Inline - RelativeJump 0x757BA229-->73EA6FB0 [PxSecure.dll]
[5252]iexplore.exe-->advapi32.dll-->CredEnumerateW, Type: Inline - SEH 0x757BA22E [unknown_code_page]
[5252]iexplore.exe-->advapi32.dll-->CredEnumerateW, Type: Inline - SEH 0x757BA22F [unknown_code_page]
[5252]iexplore.exe-->crypt32.dll-->CryptUnprotectData, Type: Inline - RelativeJump 0x74FA501A-->73EA6F30 [PxSecure.dll]
[5252]iexplore.exe-->crypt32.dll-->CryptUnprotectData, Type: Inline - SEH 0x74FA501F [unknown_code_page]
[5252]iexplore.exe-->crypt32.dll-->CryptUnprotectData, Type: Inline - SEH 0x74FA5020 [unknown_code_page]
[5252]iexplore.exe-->kernel32.dll-->CreateThread, Type: Inline - RelativeJump 0x763CC90E-->73EA7090 [PxSecure.dll]
[5252]iexplore.exe-->kernel32.dll-->OutputDebugStringA, Type: Inline - RelativeJump 0x763C0264-->73EA7D60 [PxSecure.dll]
[5252]iexplore.exe-->ntdll.dll-->NtCreateFile, Type: Inline - RelativeJump 0x77084224-->73EA7940 [PxSecure.dll]
[5252]iexplore.exe-->ntdll.dll-->NtCreateSection, Type: Inline - RelativeJump 0x77084314-->73EA7A60 [PxSecure.dll]
[5252]iexplore.exe-->ntdll.dll-->NtOpenFile, Type: Inline - RelativeJump 0x77084A04-->73EA78D0 [PxSecure.dll]
[5252]iexplore.exe-->ntdll.dll-->NtOpenSection, Type: Inline - RelativeJump 0x77084AB4-->73EA7B00 [PxSecure.dll]
[5252]iexplore.exe-->ntdll.dll-->NtWriteFile, Type: Inline - RelativeJump 0x77085494-->73EA7B40 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->CallNextHookEx, Type: Inline - RelativeJump 0x76F88E3B-->6BE7D0CD [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x76F91305-->6BE8DB04 [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x76FC847D-->6BF8538C [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x76FB2EF5-->6BF85329 [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x76FC8152-->6BF852C6 [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x76FB10B0-->6BDB54C5 [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x76FDD639-->6BF8518E [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x76FDD65D-->6BF8512C [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x76FDD4D9-->6BF8525B [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x76FDD5D3-->6BF851F0 [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->PostMessageA, Type: Inline - RelativeJump 0x76F8F8F8-->73EA6E90 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->PostMessageW, Type: Inline - RelativeJump 0x76F9A175-->73EA6ED0 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->PostThreadMessageA, Type: Inline - RelativeJump 0x76F8BD34-->73EA2720 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->PostThreadMessageW, Type: Inline - RelativeJump 0x76F97C8E-->73EA2740 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->SendMessageA, Type: Inline - RelativeJump 0x76F8F956-->73EA69D0 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->SendMessageCallbackA, Type: Inline - RelativeJump 0x76FE2CA7-->73EA6D70 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->SendMessageCallbackW, Type: Inline - RelativeJump 0x76F94570-->73EA6DC0 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->SendMessageTimeoutA, Type: Inline - RelativeJump 0x76FB0006-->73EA6CD0 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->SendMessageTimeoutW, Type: Inline - RelativeJump 0x76F9352D-->73EA6D20 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->SendMessageW, Type: Inline - RelativeJump 0x76FA0AED-->73EA6AA0 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->SendNotifyMessageA, Type: Inline - RelativeJump 0x76FADFCF-->73EA6C50 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->SendNotifyMessageW, Type: Inline - RelativeJump 0x76F893D6-->73EA6C90 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x76F887AD-->6BE89A91 [ieframe.dll]
[5252]iexplore.exe-->user32.dll-->SetWindowTextW, Type: Inline - RelativeJump 0x76F99815-->73EA7800 [PxSecure.dll]
[5252]iexplore.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x76F898DB-->6BDF466E [ieframe.dll]
[5252]iexplore.exe-->wininet.dll-->HttpSendRequestA, Type: Inline - RelativeJump 0x7584EE89-->73EA2760 [PxSecure.dll]
[5252]iexplore.exe-->wininet.dll-->HttpSendRequestExA, Type: Inline - RelativeJump 0x758AA642-->73EA2820 [PxSecure.dll]
[5252]iexplore.exe-->wininet.dll-->HttpSendRequestExW, Type: Inline - RelativeJump 0x758AA69B-->73EA27F0 [PxSecure.dll]
[5252]iexplore.exe-->wininet.dll-->HttpSendRequestW, Type: Inline - RelativeJump 0x7583FABE-->73EA27C0 [PxSecure.dll]
[5252]iexplore.exe-->wininet.dll-->InternetWriteFile, Type: Inline - RelativeJump 0x75896076-->73EA2790 [PxSecure.dll]
[5252]iexplore.exe-->ws2_32.dll-->closesocket, Type: Inline - RelativeJump 0x7718330C-->0070000A [unknown_code_page]
[5252]iexplore.exe-->ws2_32.dll-->connect, Type: Inline - RelativeJump 0x771840D9-->73EA28D0 [PxSecure.dll]
[5252]iexplore.exe-->ws2_32.dll-->sendto, Type: Inline - RelativeJump 0x771867C5-->73EA2890 [PxSecure.dll]
[5252]iexplore.exe-->ws2_32.dll-->WSAConnect, Type: Inline - RelativeJump 0x7718D7B0-->73EA2850 [PxSecure.dll]
[5252]iexplore.exe-->ws2_32.dll-->WSASend, Type: Inline - RelativeJump 0x77184496-->73EA2910 [PxSecure.dll]
[5252]iexplore.exe-->ws2_32.dll-->WSASocketW, Type: Inline - RelativeJump 0x771834EB-->73EA2950 [PxSecure.dll]
[5252]iexplore.exe-->ws2_32.dll-->WSASocketW, Type: Inline - SEH 0x771834F0 [unknown_code_page]
[5252]iexplore.exe-->ws2_32.dll-->WSASocketW, Type: Inline - SEH 0x771834F1 [unknown_code_page]
[5488]iexplore.exe-->advapi32.dll-->CredEnumerateW, Type: Inline - RelativeJump 0x757BA229-->73EA6FB0 [PxSecure.dll]
[5488]iexplore.exe-->advapi32.dll-->CredEnumerateW, Type: Inline - SEH 0x757BA22E [unknown_code_page]
[5488]iexplore.exe-->advapi32.dll-->CredEnumerateW, Type: Inline - SEH 0x757BA22F [unknown_code_page]
[5488]iexplore.exe-->crypt32.dll-->CryptUnprotectData, Type: Inline - RelativeJump 0x74FA501A-->73EA6F30 [PxSecure.dll]
[5488]iexplore.exe-->crypt32.dll-->CryptUnprotectData, Type: Inline - SEH 0x74FA501F [unknown_code_page]
[5488]iexplore.exe-->crypt32.dll-->CryptUnprotectData, Type: Inline - SEH 0x74FA5020 [unknown_code_page]
[5488]iexplore.exe-->kernel32.dll-->CreateThread, Type: Inline - RelativeJump 0x763CC90E-->73EA7090 [PxSecure.dll]
[5488]iexplore.exe-->kernel32.dll-->OutputDebugStringA, Type: Inline - RelativeJump 0x763C0264-->73EA7D60 [PxSecure.dll]
[5488]iexplore.exe-->ntdll.dll-->NtCreateFile, Type: Inline - RelativeJump 0x77084224-->73EA7940 [PxSecure.dll]
[5488]iexplore.exe-->ntdll.dll-->NtCreateSection, Type: Inline - RelativeJump 0x77084314-->73EA7A60 [PxSecure.dll]
[5488]iexplore.exe-->ntdll.dll-->NtOpenFile, Type: Inline - RelativeJump 0x77084A04-->73EA78D0 [PxSecure.dll]
[5488]iexplore.exe-->ntdll.dll-->NtOpenSection, Type: Inline - RelativeJump 0x77084AB4-->73EA7B00 [PxSecure.dll]
[5488]iexplore.exe-->ntdll.dll-->NtWriteFile, Type: Inline - RelativeJump 0x77085494-->73EA7B40 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x76F91305-->6BE8DB04 [ieframe.dll]
[5488]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x76FC847D-->6BF8538C [ieframe.dll]
[5488]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x76FB2EF5-->6BF85329 [ieframe.dll]
[5488]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x76FC8152-->6BF852C6 [ieframe.dll]
[5488]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x76FB10B0-->6BDB54C5 [ieframe.dll]
[5488]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x76FDD639-->6BF8518E [ieframe.dll]
[5488]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x76FDD65D-->6BF8512C [ieframe.dll]
[5488]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x76FDD4D9-->6BF8525B [ieframe.dll]
[5488]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x76FDD5D3-->6BF851F0 [ieframe.dll]
[5488]iexplore.exe-->user32.dll-->PostMessageA, Type: Inline - RelativeJump 0x76F8F8F8-->73EA6E90 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->PostMessageW, Type: Inline - RelativeJump 0x76F9A175-->73EA6ED0 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->PostThreadMessageA, Type: Inline - RelativeJump 0x76F8BD34-->73EA2720 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->PostThreadMessageW, Type: Inline - RelativeJump 0x76F97C8E-->73EA2740 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->SendMessageA, Type: Inline - RelativeJump 0x76F8F956-->73EA69D0 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->SendMessageCallbackA, Type: Inline - RelativeJump 0x76FE2CA7-->73EA6D70 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->SendMessageCallbackW, Type: Inline - RelativeJump 0x76F94570-->73EA6DC0 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->SendMessageTimeoutA, Type: Inline - RelativeJump 0x76FB0006-->73EA6CD0 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->SendMessageTimeoutW, Type: Inline - RelativeJump 0x76F9352D-->73EA6D20 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->SendMessageW, Type: Inline - RelativeJump 0x76FA0AED-->73EA6AA0 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->SendNotifyMessageA, Type: Inline - RelativeJump 0x76FADFCF-->73EA6C50 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->SendNotifyMessageW, Type: Inline - RelativeJump 0x76F893D6-->73EA6C90 [PxSecure.dll]
[5488]iexplore.exe-->user32.dll-->SetWindowTextW, Type: Inline - RelativeJump 0x76F99815-->73EA7800 [PxSecure.dll]
[5488]iexplore.exe-->wininet.dll-->HttpSendRequestA, Type: Inline - RelativeJump 0x7584EE89-->73EA2760 [PxSecure.dll]
[5488]iexplore.exe-->wininet.dll-->HttpSendRequestExA, Type: Inline - RelativeJump 0x758AA642-->73EA2820 [PxSecure.dll]
[5488]iexplore.exe-->wininet.dll-->HttpSendRequestExW, Type: Inline - RelativeJump 0x758AA69B-->73EA27F0 [PxSecure.dll]
[5488]iexplore.exe-->wininet.dll-->HttpSendRequestW, Type: Inline - RelativeJump 0x7583FABE-->73EA27C0 [PxSecure.dll]
[5488]iexplore.exe-->wininet.dll-->InternetWriteFile, Type: Inline - RelativeJump 0x75896076-->73EA2790 [PxSecure.dll]
[5488]iexplore.exe-->ws2_32.dll-->connect, Type: Inline - RelativeJump 0x771840D9-->73EA28D0 [PxSecure.dll]
[5488]iexplore.exe-->ws2_32.dll-->sendto, Type: Inline - RelativeJump 0x771867C5-->73EA2890 [PxSecure.dll]
[5488]iexplore.exe-->ws2_32.dll-->WSAConnect, Type: Inline - RelativeJump 0x7718D7B0-->73EA2850 [PxSecure.dll]
[5488]iexplore.exe-->ws2_32.dll-->WSASend, Type: Inline - RelativeJump 0x77184496-->73EA2910 [PxSecure.dll]
[5488]iexplore.exe-->ws2_32.dll-->WSASocketW, Type: Inline - RelativeJump 0x771834EB-->73EA2950 [PxSecure.dll]
[5488]iexplore.exe-->ws2_32.dll-->WSASocketW, Type: Inline - SEH 0x771834F0 [unknown_code_page]
[5488]iexplore.exe-->ws2_32.dll-->WSASocketW, Type: Inline - SEH 0x771834F1 [unknown_code_page]
[896]firefox.exe-->advapi32.dll-->CredEnumerateW, Type: Inline - RelativeJump 0x757BA229-->73EA6FB0 [PxSecure.dll]
[896]firefox.exe-->advapi32.dll-->CredEnumerateW, Type: Inline - SEH 0x757BA22E [unknown_code_page]
[896]firefox.exe-->advapi32.dll-->CredEnumerateW, Type: Inline - SEH 0x757BA22F [unknown_code_page]
[896]firefox.exe-->crypt32.dll-->CryptUnprotectData, Type: Inline - RelativeJump 0x74FA501A-->73EA6F30 [PxSecure.dll]
[896]firefox.exe-->crypt32.dll-->CryptUnprotectData, Type: Inline - SEH 0x74FA501F [unknown_code_page]
[896]firefox.exe-->crypt32.dll-->CryptUnprotectData, Type: Inline - SEH 0x74FA5020 [unknown_code_page]
[896]firefox.exe-->kernel32.dll-->CreateThread, Type: Inline - RelativeJump 0x763CC90E-->73EA7090 [PxSecure.dll]
[896]firefox.exe-->kernel32.dll-->OutputDebugStringA, Type: Inline - RelativeJump 0x763C0264-->73EA7D60 [PxSecure.dll]
[896]firefox.exe-->ntdll.dll-->NtCreateFile, Type: Inline - RelativeJump 0x77084224-->73EA7940 [PxSecure.dll]
[896]firefox.exe-->ntdll.dll-->NtCreateSection, Type: Inline - RelativeJump 0x77084314-->73EA7A60 [PxSecure.dll]
[896]firefox.exe-->ntdll.dll-->NtOpenFile, Type: Inline - RelativeJump 0x77084A04-->73EA78D0 [PxSecure.dll]
[896]firefox.exe-->ntdll.dll-->NtOpenSection, Type: Inline - RelativeJump 0x77084AB4-->73EA7B00 [PxSecure.dll]
[896]firefox.exe-->ntdll.dll-->NtWriteFile, Type: Inline - RelativeJump 0x77085494-->73EA7B40 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->PostMessageA, Type: Inline - RelativeJump 0x76F8F8F8-->73EA6E90 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->PostMessageW, Type: Inline - RelativeJump 0x76F9A175-->73EA6ED0 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->PostThreadMessageA, Type: Inline - RelativeJump 0x76F8BD34-->73EA2720 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->PostThreadMessageW, Type: Inline - RelativeJump 0x76F97C8E-->73EA2740 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->SendMessageA, Type: Inline - RelativeJump 0x76F8F956-->73EA69D0 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->SendMessageCallbackA, Type: Inline - RelativeJump 0x76FE2CA7-->73EA6D70 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->SendMessageCallbackW, Type: Inline - RelativeJump 0x76F94570-->73EA6DC0 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->SendMessageTimeoutA, Type: Inline - RelativeJump 0x76FB0006-->73EA6CD0 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->SendMessageTimeoutW, Type: Inline - RelativeJump 0x76F9352D-->73EA6D20 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->SendMessageW, Type: Inline - RelativeJump 0x76FA0AED-->73EA6AA0 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->SendNotifyMessageA, Type: Inline - RelativeJump 0x76FADFCF-->73EA6C50 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->SendNotifyMessageW, Type: Inline - RelativeJump 0x76F893D6-->73EA6C90 [PxSecure.dll]
[896]firefox.exe-->user32.dll-->SetWindowTextW, Type: Inline - RelativeJump 0x76F99815-->73EA7800 [PxSecure.dll]
[896]firefox.exe-->wininet.dll-->HttpSendRequestA, Type: Inline - RelativeJump 0x7584EE89-->73EA2760 [PxSecure.dll]
[896]firefox.exe-->wininet.dll-->HttpSendRequestExA, Type: Inline - RelativeJump 0x758AA642-->73EA2820 [PxSecure.dll]
[896]firefox.exe-->wininet.dll-->HttpSendRequestExW, Type: Inline - RelativeJump 0x758AA69B-->73EA27F0 [PxSecure.dll]
[896]firefox.exe-->wininet.dll-->HttpSendRequestW, Type: Inline - RelativeJump 0x7583FABE-->73EA27C0 [PxSecure.dll]
[896]firefox.exe-->wininet.dll-->InternetWriteFile, Type: Inline - RelativeJump 0x75896076-->73EA2790 [PxSecure.dll]
[896]firefox.exe-->ws2_32.dll-->closesocket, Type: Inline - RelativeJump 0x7718330C-->008C000A [unknown_code_page]
[896]firefox.exe-->ws2_32.dll-->connect, Type: Inline - RelativeJump 0x771840D9-->73EA28D0 [PxSecure.dll]
[896]firefox.exe-->ws2_32.dll-->sendto, Type: Inline - RelativeJump 0x771867C5-->73EA2890 [PxSecure.dll]
[896]firefox.exe-->ws2_32.dll-->WSAConnect, Type: Inline - RelativeJump 0x7718D7B0-->73EA2850 [PxSecure.dll]
[896]firefox.exe-->ws2_32.dll-->WSASend, Type: Inline - RelativeJump 0x77184496-->73EA2910 [PxSecure.dll]
[896]firefox.exe-->ws2_32.dll-->WSASocketW, Type: Inline - RelativeJump 0x771834EB-->73EA2950 [PxSecure.dll]
[896]firefox.exe-->ws2_32.dll-->WSASocketW, Type: Inline - SEH 0x771834F0 [unknown_code_page]
[896]firefox.exe-->ws2_32.dll-->WSASocketW, Type: Inline - SEH 0x771834F1 [unknown_code_page]
[896]firefox.exe-->wsock32.dll-->recv, Type: Inline - RelativeJump 0x716C1858-->008A000A [unknown_code_page]
5. Computer still seems just like before; nothing has changed too much.
Let me know the next steps. Again, thank you.