Jump to content

Danielryan

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

 Content Type 

Posts posted by Danielryan

    Infected with trojan.dropper.bcminer

    in Resolved Malware Removal Logs

    Posted

    Hello everyone! I have been browsing these forums in search of a solution to the trojan.dropper.bcminer virus. I have tried a number of things and can't seem to get the thing out. I've already modified some scripts used with ComboFix and ran them, as well as combofix by itself. I've tried removing it with mbam as well as tried a number of other suggestions. Nothing seems to work so I figured I could get some help here. I've seen many malware posts on here and they all seem to be solved so props to you guys and everything you do here.

    Okay, here are the DDS logs, as well as a hijackthis log.

    attach.txt

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows 7 Home Premium

    Boot Device: \Device\HarddiskVolume1

    Install Date: 6/21/2011 4:42:25 PM

    System Uptime: 7/17/2012 8:14:48 PM (0 hours ago)

    .

    Motherboard: LENOVO | |

    Processor: Intel® Core i3-2310M CPU @ 2.10GHz | CPU | 2100/100mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 455 GiB total, 395.27 GiB free.

    D: is CDROM ()

    E: is Removable

    Q: is FIXED (NTFS) - 10 GiB total, 1.052 GiB free.

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP117: 6/14/2012 2:18:29 PM - Windows Update

    RP118: 6/17/2012 2:42:13 PM - Windows Update

    RP119: 6/19/2012 12:20:23 PM - Windows Update

    RP120: 6/20/2012 10:53:56 PM - Windows Update

    RP121: 6/24/2012 4:00:49 PM - Windows Update

    RP122: 6/27/2012 9:37:15 PM - Windows Update

    RP123: 7/1/2012 4:13:23 PM - Windows Update

    RP124: 7/4/2012 11:35:36 PM - Windows Update

    RP125: 7/12/2012 2:03:09 AM - Windows Update

    RP126: 7/17/2012 4:15:12 PM - Removed Java 6 Update 31

    RP127: 7/17/2012 4:15:50 PM - Installed Java 7 Update 5

    RP128: 7/17/2012 4:16:34 PM - Installed JavaFX 2.1.1

    .

    ==== Installed Programs ======================

    .

    Adobe Flash Player 11 ActiveX

    Adobe Reader 9.4.0

    Adobe Shockwave Player 11.6

    Apple Application Support

    Apple Software Update

    ArcadeCandy

    ASPCA TriMini Reminder by We-Care.com v5.0.2.1

    Bing Desktop

    Burn.Now 4.5

    Cisco NAC Agent

    Click to Call with Skype

    Corel Burn.Now Lenovo Edition

    Corel DVD MovieFactory 7

    Corel DVD MovieFactory Lenovo Edition

    Corel WinDVD

    Create Recovery Media

    D3DX10

    DealScout for Internet Explorer

    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

    Direct DiscRecorder

    Dogpile Bundle Toolbar

    Easy Media Player 1.1.12

    Google Chrome

    Google Update Helper

    Integrated Camera Driver Installer Package Ver.1.1.0.1147

    Integrated Camera TWAIN

    Intel® Control Center

    Intel® Identity Protection Technology 1.1.2.0

    Intel® Management Engine Components

    Intel® Processor Graphics

    Intel® Wireless Display

    Java Auto Updater

    Java 7 Update 5

    JavaFX 2.1.1

    Junk Mail filter update

    Lenovo User Guide

    Lenovo Warranty Information

    Lenovo Welcome

    Malwarebytes Anti-Malware version 1.62.0.1300

    Mesh Runtime

    Message Center Plus

    Microsoft Office 2010

    Microsoft Office 2010 Service Pack 1 (SP1)

    Microsoft Office Access MUI (English) 2010

    Microsoft Office Access Setup Metadata MUI (English) 2010

    Microsoft Office Click-to-Run 2010

    Microsoft Office Excel MUI (English) 2010

    Microsoft Office Groove MUI (English) 2010

    Microsoft Office InfoPath MUI (English) 2010

    Microsoft Office OneNote MUI (English) 2010

    Microsoft Office Outlook MUI (English) 2010

    Microsoft Office PowerPoint MUI (English) 2010

    Microsoft Office Professional Plus 2010

    Microsoft Office Proof (English) 2010

    Microsoft Office Proof (French) 2010

    Microsoft Office Proof (Spanish) 2010

    Microsoft Office Proofing (English) 2010

    Microsoft Office Publisher MUI (English) 2010

    Microsoft Office Shared MUI (English) 2010

    Microsoft Office Shared Setup Metadata MUI (English) 2010

    Microsoft Office Starter 2010 - English

    Microsoft Office Word MUI (English) 2010

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    MSVCRT

    MSVCRT_amd64

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    Plants vs. Zombies

    QuickTime

    RapidBoot

    RealNetworks - Microsoft Visual C++ 2008 Runtime

    RealPlayer

    Realtek Ethernet Controller Driver

    RealUpgrade 1.1

    RICOH Media Driver v2.10.18.02

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

    Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

    Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553091)

    Security Update for Microsoft Office 2010 (KB2553096)

    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

    Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

    Skype™ 5.5

    swMSM

    System Update

    The Weather Channel Desktop 6

    ThinkPad Power Manager

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft Office 2010 (KB2494150)

    Update for Microsoft Office 2010 (KB2553065)

    Update for Microsoft Office 2010 (KB2553092)

    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2566458)

    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

    Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Installer

    Windows Live Mail

    Windows Live Mesh

    Windows Live Mesh ActiveX Control for Remote Connections

    Windows Live Messenger

    Windows Live Movie Maker

    Windows Live Photo Common

    Windows Live Photo Gallery

    Windows Live PIMT Platform

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    Windows Live Writer

    Windows Live Writer Resources

    .

    ==== Event Viewer Messages From Past Week ========

    .

    7/17/2012 7:54:20 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

    7/17/2012 7:38:12 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

    7/17/2012 7:37:19 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    7/17/2012 6:06:18 PM, Error: Application Popup [1060] - \??\C:\gotcha\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

    7/17/2012 5:48:46 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

    7/17/2012 5:42:41 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

    7/17/2012 5:42:39 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

    7/17/2012 4:39:36 PM, Error: Service Control Manager [7022] - The Application Virtualization Client service hung on starting.

    7/17/2012 3:45:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.

    7/17/2012 3:45:55 PM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    7/16/2012 9:21:30 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied.

    7/16/2012 8:57:41 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

    7/11/2012 8:27:37 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Kayla-THINK\Kayla SID (S-1-5-21-810281717-2484635642-1102536969-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

    7/10/2012 9:00:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McciCMService64 service to connect.

    7/10/2012 9:00:55 PM, Error: Service Control Manager [7000] - The McciCMService64 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    .

    ==== End Of File ===========================

    DDS.txt

    .

    DDS (Ver_2011-08-26.01) - NTFSAMD64

    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

    Run by Kayla at 20:21:56 on 2012-07-17

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4007.2699 [GMT -4:00]

    .

    AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\ibmpmsvc.exe

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\WLANExt.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

    C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe

    C:\Program Files (x86)\Bonjour\mDNSResponder.exe

    C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

    C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

    C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

    C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

    C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskhost.exe

    C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    C:\Windows\SysWOW64\SAsrv.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Windows\System32\rundll32.exe

    C:\Windows\system32\WUDFHost.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\rundll32.exe

    C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE

    C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe

    C:\Windows\system32\rundll32.exe

    C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

    C:\Windows\System32\TpShocks.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe

    C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

    C:\Windows\SysWOW64\rundll32.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\rundll32.exe

    C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    C:\Windows\system32\sppsvc.exe

    C:\Program Files (x86)\Lenovo\System Update\SUService.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    C:\Windows\servicing\TrustedInstaller.exe

    C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\SysWOW64\cscript.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uInternet Settings,ProxyOverride = *.local

    uURLSearchHooks: FCToolbarURLSearchHook Class: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Helper.dll

    uURLSearchHooks: H - No File

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

    BHO: IWantThis: {50fc0ec5-bea7-4d57-909d-6380a5ad5697} - C:\Program Files (x86)\IWantThis\IWantThis.dll

    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

    BHO: Dogpile Bundle Toolbar BHO: {bfe4b5cb-63f7-4a51-9266-6167655d5b4f} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll

    BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

    TB: Dogpile Bundle Toolbar: {c80bdeb2-8735-44c6-bd55-a1ccd555667a} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll

    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

    mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

    mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

    mRun: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe

    mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

    DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} - hxxps://nacsvr.lhup.edu/auth/taweb.cab

    DPF: {C9D7D239-B502-48B3-BA25-9DF8C7264073} - hxxps://nacsvr.lhup.edu/auth/CCALogin.CAB

    TCP: DhcpNameServer = 192.168.1.1

    TCP: Interfaces\{0E1305B9-8FD8-4797-BF7C-CC8B91EC4054} : DhcpNameServer = 192.168.1.1

    TCP: Interfaces\{0E1305B9-8FD8-4797-BF7C-CC8B91EC4054}\2427F677E6D41676E6F6C69616D27657563747 : DhcpNameServer = 209.55.5.10 209.55.5.11 192.168.33.1

    TCP: Interfaces\{0E1305B9-8FD8-4797-BF7C-CC8B91EC4054}\245737475627 : DhcpNameServer = 192.168.0.1

    TCP: Interfaces\{0E1305B9-8FD8-4797-BF7C-CC8B91EC4054}\7594E4F583142334 : DhcpNameServer = 192.168.254.254

    TCP: Interfaces\{0E1305B9-8FD8-4797-BF7C-CC8B91EC4054}\C48455F57457563747 : DhcpNameServer = 151.161.16.9 151.161.16.15

    TCP: Interfaces\{210E9CAB-FD64-461E-9051-D641BBA0D956} : DhcpNameServer = 151.161.16.9 151.161.16.15

    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO-X64: AcroIEHelperStub - No File

    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

    BHO-X64: IWantThis: {50FC0EC5-BEA7-4d57-909D-6380A5AD5697} - C:\Program Files (x86)\IWantThis\IWantThis.dll

    BHO-X64: IWantThis - No File

    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    BHO-X64: SkypeIEPluginBHO - No File

    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

    BHO-X64: URLRedirectionBHO - No File

    BHO-X64: Dogpile Bundle Toolbar BHO: {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll

    BHO-X64: FCTBPos00Pos - No File

    BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll

    BHO-X64: WeCareReminder - No File

    BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

    TB-X64: Dogpile Bundle Toolbar: {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll

    TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

    mRun-x64: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

    mRun-x64: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

    mRun-x64: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe

    mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

    R0 TPDIGIMN;TPDIGIMN;C:\Windows\system32\DRIVERS\ApsHM64.sys --> C:\Windows\system32\DRIVERS\ApsHM64.sys [?]

    R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\system32\DRIVERS\smiifx64.sys --> C:\Windows\system32\DRIVERS\smiifx64.sys [?]

    R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2010-12-3 31592]

    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

    R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-3-30 151656]

    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

    R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]

    R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2011-6-14 40808]

    R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2011-1-17 45496]

    R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-6-14 59240]

    R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2011-1-17 93032]

    R2 NACAgent;Cisco NAC Agent;C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2011-10-31 1151928]

    R2 risdxc;risdxc;C:\Windows\system32\DRIVERS\risdxc64.sys --> C:\Windows\system32\DRIVERS\risdxc64.sys [?]

    R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SASrv.exe [2011-6-14 446592]

    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

    R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2011-1-17 114024]

    R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2011-1-17 64440]

    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-6-14 2656280]

    R3 5U877;USB Video Device;C:\Windows\system32\DRIVERS\5U877.sys --> C:\Windows\system32\DRIVERS\5U877.sys [?]

    R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

    R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

    R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

    R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-28 136176]

    S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2010-12-3 116072]

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-8 250056]

    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-28 136176]

    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-2 340240]

    S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

    S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-10 4925184]

    S3 PCDSRVC{127174DC-C366ED8B-06020101}_0;PCDSRVC{127174DC-C366ED8B-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor\pcdsrvc_x64.pkms [2010-12-9 25072]

    S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-6-14 79208]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

    S4 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-6-21 517632]

    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

    .

    =============== Created Last 30 ================

    .

    2012-07-17 23:39:32 -------- d-sh--w- C:\$RECYCLE.BIN

    2012-07-17 22:18:02 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2012-07-17 22:18:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2012-07-17 22:00:42 98816 ----a-w- C:\Windows\sed.exe

    2012-07-17 22:00:42 518144 ----a-w- C:\Windows\SWREG.exe

    2012-07-17 22:00:42 256000 ----a-w- C:\Windows\PEV.exe

    2012-07-17 22:00:42 208896 ----a-w- C:\Windows\MBR.exe

    2012-07-17 20:17:11 -------- d-----w- C:\Program Files (x86)\Oracle

    2012-07-17 20:16:31 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

    2012-07-17 01:14:11 -------- d-----w- C:\Users\Kayla\AppData\Roaming\Malwarebytes

    2012-07-17 01:14:11 -------- d-----w- C:\ProgramData\Malwarebytes

    2012-07-12 06:08:22 3148800 ----a-w- C:\Windows\System32\win32k.sys

    2012-07-11 20:38:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll

    2012-07-08 19:48:06 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

    2012-07-08 19:38:42 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2012-07-07 20:12:56 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{46F73B95-80CE-4170-90A9-3EDEC307786F}\mpengine.dll

    2012-07-06 16:54:16 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

    2012-07-04 00:35:52 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{32285846-DE67-4357-A8E1-CF64D3A33D8F}\gapaengine.dll

    2012-06-19 16:21:07 2622464 ----a-w- C:\Windows\System32\wucltux.dll

    2012-06-19 16:20:51 99840 ----a-w- C:\Windows\System32\wudriver.dll

    2012-06-19 16:20:36 36864 ----a-w- C:\Windows\System32\wuapp.exe

    2012-06-19 16:20:36 186752 ----a-w- C:\Windows\System32\wuwebv.dll

    .

    ==================== Find3M ====================

    .

    2012-07-12 02:46:32 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-07-06 02:06:20 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll

    2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll

    2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll

    2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

    2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

    2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

    2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

    2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

    2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

    2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

    2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

    2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

    2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

    2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

    2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll

    2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll

    2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

    2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

    2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

    2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

    2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

    2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

    2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

    2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

    2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

    2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

    2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

    2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

    2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

    2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

    2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

    2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

    2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

    .

    ============= FINISH: 20:22:21.19 ===============

    hijackthis.txt

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 8:34:24 PM, on 7/17/2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16447)

    Boot mode: Normal

    Running processes:

    C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE

    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe

    C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe

    C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe

    C:\Windows\SysWOW64\rundll32.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe

    C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe

    E:\DGREPAIR\Virus Removal Tools\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: FCToolbarURLSearchHook Class - {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Helper.dll

    R3 - URLSearchHook: (no name) - - (no file)

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

    O2 - BHO: IWantThis - {50FC0EC5-BEA7-4d57-909D-6380A5AD5697} - C:\Program Files (x86)\IWantThis\IWantThis.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: FCTBPos00Pos - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll

    O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (file missing)

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

    O3 - Toolbar: Dogpile Bundle Toolbar - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll

    O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

    O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

    O4 - HKLM\..\Run: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} (Cisco NAC Web Agent Control) - https://nacsvr.lhup.edu/auth/taweb.cab

    O16 - DPF: {C9D7D239-B502-48B3-BA25-9DF8C7264073} (CCAWebLogin Control) - https://nacsvr.lhup.edu/auth/CCALogin.CAB

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe

    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)

    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

    O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

    O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

    O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

    O23 - Service: Cisco NAC Agent (NACAgent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe

    O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)

    O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

    O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 12607 bytes

    Thanks in advance for all the help!

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.