Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Lenovo Problem with Hyperlinks/Malware

Post by AdVocate4Fix » November 26th, 2013, 6:26 am

My apologies on first post*
First time here, was a bit confused. I see now; thank you for showing me to the thread. I did read it, I just didn't get the DDS part right away. I won't go into great detail over the previous and I would much appreciate the help. I'm a bit frustrated with this Lenovo and would like nothing more than to get it fixed. I will post the DDS files now. Thank you for the timely response.


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16736
Run by Loreal at 1:50:09 on 2013-11-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1790.840 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\ibmpmsvc.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Windows\system32\atashost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\LENOVO\HOTKEY\CAMMUTE.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
C:\Program Files\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
C:\Program Files\Lenovo\Access Connections\AcSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Social Privacy DNS\dnswatch.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
c:\Program Files\Lenovo\System Update\SUService.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.exe
C:\WINDOWS\notepad.exe
C:\Users\Loreal\Desktop\OTL.exe
C:\Windows\notepad.exe
C:\Windows\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://lenovo.msn.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Social Privacy: {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - c:\program files\social privacy\sp.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - c:\program files\evernote\evernote\EvernoteIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: IePasswordManagerHelper Class: {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.2.241.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\microsoft\bingbar\7.2.241.0\BingExt.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe
mRun: [TpShocks] TpShocks.exe
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
mRun: [Message Center Plus] c:\program files\lenovo\message center plus\MCPLaunch.exe /start
mRun: [AcWin7Hlpr] c:\program files\lenovo\access connections\AcTBenabler.exe
mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [MSC] "c:\program files\microsoft security client\mssecex.exe" -hide -runkey
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [dnsshield] c:\program files\social privacy dns\dnswatch.exe
mRun: [Updater] c:\programdata\updater\Updater.exe
StartupFolder: c:\users\loreal\appdata\roaming\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteClipper.exe
StartupFolder: c:\users\loreal\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\openvp~1.lnk - c:\program files\openvpn technologies\openvpn client\core\uiboot.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Clip Image - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=4
IE: Clip selection - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=3
IE: Clip this page - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=1
IE: Clip URL - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: New Note - c:\program files\evernote\evernote\\evernoteieres\NewNote.html
IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\\evernoteieres\AddNote.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://1source-intl.webex.com/client/T ... atgpc1.cab
TCP: NameServer = 8.8.8.8,8.8.4.4
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{25A65430-3BF6-4C71-BD3C-DE91A259B713} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{66A54A2F-4141-46F3-A353-45A2E09042BA} : NameServer = 209.183.33.23 209.183.35.23
TCP: Interfaces\{85F7029A-94FE-49F7-A7A5-7276AD3E1CF8} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{85F7029A-94FE-49F7-A7A5-7276AD3E1CF8} : DHCPNameServer = 161.241.92.28 161.241.231.129 128.200.201.2
TCP: Interfaces\{C8800C8A-A47C-4AAA-8B95-8DCA77FF0F23} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D73CB6D5-9592-46C4-AA24-C3D69CD5B349} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963} : NameServer = 8.8.8.8,8.8.4.4
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
AppInit_DLLs= c:\progra~1\searchprotect\searchprotect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Notification Packages = scecli ACGina
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 171064]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-10-9 20520]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-13 37664]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2009-12-9 13480]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-11 172032]
R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2012-8-13 134456]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\lenovo\hotkey\cammute.exe [2009-12-9 54632]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2009-12-9 44984]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-11-26 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-11-26 701512]
R2 OpenVPNAccessClient;OpenVPN Access Client;c:\program files\openvpn technologies\openvpn client\core\capiws.exe [2010-8-12 24064]
R2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);c:\program files\qualcomm\qdlservice2k\QDLService2kLenovo.exe [2010-6-25 332536]
R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2009-12-9 62904]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-11-26 22856]
R3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);c:\windows\system32\drivers\qcfilterlno2k.sys [2009-12-18 5248]
R3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);c:\windows\system32\drivers\qcusbnetlno2k.sys [2010-6-25 374784]
R3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);c:\windows\system32\drivers\qcusbserlno2k.sys [2010-6-25 190592]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-4-28 182304]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-4-28 233472]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-3-9 1006624]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\drivers\tapoas.sys [2010-8-3 26112]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-4-28 27320]
R3 usbsmi;Integrated Camera;c:\windows\system32\drivers\SMIksdrv.sys [2010-4-28 181120]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Level Quality Watcher;Level Quality Watcher;c:\program files\level quality watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=8fb7175f-c1fb-4437-9555-1822df6d4ca1 --> c:\program files\level quality watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=8FB7175F-C1FB-4437-9555-1822DF6D4CA1 [?]
S2 vToolbarUpdater17.1.2;vToolbarUpdater17.1.2;c:\program files\common files\avg secure search\vtoolbarupdater\17.1.2\toolbarupdater.exe --> c:\program files\common files\avg secure search\vtoolbarupdater\17.1.2\ToolbarUpdater.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2009-11-20 20848]
S3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-4-28 75112]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-8-29 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-8-26 1343400]
.
=============== Created Last 30 ================
.
2013-11-26 07:51:15 62576 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{978836b1-4be4-40a2-9cbc-0ec7d7cbf7a0}\offreg.dll
2013-11-26 07:35:43 -------- d-----w- C:\AdwCleaner
2013-11-26 07:22:16 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-26 07:19:02 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{978836b1-4be4-40a2-9cbc-0ec7d7cbf7a0}\mpengine.dll
2013-11-26 06:27:59 -------- d-----w- c:\users\loreal\appdata\local\ElevatedDiagnostics
2013-11-26 05:13:30 -------- d-----w- c:\program files\Reimage
2013-11-26 05:13:24 -------- d-----w- C:\rei
2013-11-26 02:01:41 -------- d-----w- c:\users\loreal\appdata\roaming\Malwarebytes
2013-11-26 02:01:16 -------- d-----w- c:\programdata\Malwarebytes
2013-11-26 02:01:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-26 02:00:44 -------- d-----w- c:\users\loreal\appdata\local\Programs
2013-11-25 03:28:58 -------- d-----w- c:\program files\Level Quality Watcher
2013-11-25 03:28:10 -------- d-----w- c:\programdata\RHelpers
2013-11-25 03:28:05 -------- d-----w- c:\programdata\Updater
2013-11-25 03:27:58 -------- d-----w- c:\programdata\TubeDimmer
2013-11-25 03:25:25 -------- d-----w- c:\program files\Social Privacy
2013-11-25 03:25:22 -------- d-----w- c:\program files\Social Privacy DNS
2013-11-25 03:25:04 -------- d-----w- c:\program files\sp
2013-11-25 01:30:25 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-11-19 01:44:37 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-11-19 01:44:37 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-11-19 01:44:35 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-11-19 01:44:35 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-11-19 01:44:33 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-11-19 01:44:32 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-11-19 01:44:32 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-11-19 01:43:42 5120 ----a-w- c:\windows\system32\wmi.dll
2013-11-19 01:43:42 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-11-19 01:43:42 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-11-19 01:43:42 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-19 01:33:58 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-11-19 01:32:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-19 01:29:18 1505280 ----a-w- c:\windows\system32\d3d11.dll
.
==================== Find3M ====================
.
2013-11-19 20:04:24 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-19 01:33:24 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-11-19 01:32:03 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-09 11:06:53 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-09 11:06:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 1:51:27.02 ===============

DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 8/26/2011 8:03:00 AM
System Uptime: 11/26/2013 12:43:50 AM (1 hours ago)
.
Motherboard: LENOVO | | 35089TU
Processor: AMD Athlon(tm) Neo X2 Dual Core Processor L335 | S1G1/BGA | 1600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 222 GiB total, 167.136 GiB free.
D: is Removable
E: is CDROM (CDFS)
F: is Removable
G: is Removable
Q: is FIXED (NTFS) - 10 GiB total, 3.665 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP195: 8/19/2013 3:07:39 PM - Windows Update
RP196: 8/22/2013 12:54:50 PM - Installed Evernote v. 4.6.7
RP197: 8/25/2013 8:37:31 PM - Windows Update
RP198: 8/28/2013 10:12:48 PM - Windows Update
RP199: 9/2/2013 6:56:46 PM - Windows Update
RP200: 9/6/2013 1:27:26 PM - Windows Update
RP201: 9/11/2013 7:20:05 PM - Windows Update
RP202: 9/16/2013 8:54:47 AM - Windows Update
RP203: 9/20/2013 7:00:48 AM - Windows Update
RP204: 9/23/2013 8:09:52 AM - Windows Update
RP205: 9/27/2013 6:33:14 AM - Windows Update
RP206: 9/30/2013 8:38:40 PM - Windows Update
RP207: 10/4/2013 7:07:53 AM - Windows Update
RP208: 10/8/2013 7:46:55 AM - Windows Update
RP209: 10/13/2013 6:51:00 PM - Windows Update
RP210: 10/17/2013 8:27:25 AM - Windows Update
RP211: 10/20/2013 7:05:49 PM - Windows Update
RP212: 10/24/2013 8:33:09 AM - Windows Update
RP213: 10/25/2013 12:31:41 PM - Installed Evernote v. 5.0.2
RP214: 10/28/2013 3:24:09 PM - Windows Update
RP215: 11/1/2013 10:01:32 AM - Windows Update
RP216: 11/2/2013 7:43:21 PM - Installed Evernote v. 5.0.2
RP217: 11/5/2013 7:38:38 AM - Windows Update
RP218: 11/18/2013 4:17:38 PM - Windows Update
RP219: 11/18/2013 6:26:52 PM - Windows Update
RP220: 11/24/2013 6:29:54 PM - Windows Update
RP221: 11/24/2013 8:45:20 PM - Installed Evernote v. 5.0.3
RP222: 11/26/2013 12:01:45 AM - Restore Operation
.
==== Installed Programs ======================
.
Registry Patch to arrange icons in Device and Printers folder of Windows 7
Access Help
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 9.2
AMD USB Filter Driver
AT&T Service Activation
ATI Catalyst Install Manager
ATI Uninstaller
Bing Bar
BlackBerry App World Browser Plugin
BlackBerry Desktop Software 7.1
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Cisco WebEx Meetings
Citrix Online Launcher
Citrix Presentation Server Client
Client Security - Password Manager
Conexant 20582 SmartAudio HD
Create Recovery Media
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ERUNT 1.1j
Evernote v. 4.6.7
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 5.9.0.1207
Integrated Camera
Java Auto Updater
Java(TM) 6 Update 26
Junk Mail filter update
Lenovo System Interface Driver
Lenovo ThinkVantage Toolbox
Lenovo Warranty Information
Lenovo Welcome
Malwarebytes Anti-Malware version 1.75.0.1300
Message Center Plus
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Research AutoCollage Touch 2009
Microsoft Security Client
Microsoft Security Essentials
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mobile Broadband
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
On Screen Display
OpenOffice.org 3.3
OpenVPN Client
PC Fix Speed 1.2.0.41
Qualcomm Gobi 2000 Package for Lenovo
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
Rescue and Recovery
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Social Privacy
Social Privacy DNS
Spelling Dictionaries Support For Adobe Reader 9
System Update
ThinkPad Bluetooth with Enhanced Data Rate Software
ThinkPad FullScreen Magnifier
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad UltraNav Driver
ThinkPad UltraNav Utility
ThinkPad Wireless LAN Adapter Software
ThinkVantage Access Connections
ThinkVantage Active Protection System
ThinkVantage GPS
Tube Dimmer
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Updater
Verizon Wireless Mobile Broadband Self Activation
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
Windows Driver Package - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinZip 16.5
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
11/26/2013 12:50:02 AM, Error: Service Control Manager [7031] - The Level Quality Watcher service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 600000 milliseconds: Restart the service.
11/26/2013 12:44:57 AM, Error: Service Control Manager [7031] - The Level Quality Watcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
11/26/2013 12:44:39 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
11/26/2013 12:44:35 AM, Error: Service Control Manager [7000] - The vToolbarUpdater17.1.2 service failed to start due to the following error: The system cannot find the file specified.
11/26/2013 12:18:02 AM, Error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).
11/26/2013 12:08:58 AM, Error: Service Control Manager [7000] - The Search Protect by Conduit Service service failed to start due to the following error: Access is denied.
11/26/2013 12:08:56 AM, Error: Service Control Manager [7000] - The WajamUpdaterV3 service failed to start due to the following error: Access is denied.
11/26/2013 12:05:00 AM, Error: Service Control Manager [7000] - The Level Quality Watcher service failed to start due to the following error: The pipe has been ended.
11/26/2013 1:00:06 AM, Error: Service Control Manager [7031] - The Level Quality Watcher service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/25/2013 9:42:08 PM, Error: Service Control Manager [7031] - The Level Quality Watcher service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/25/2013 7:52:01 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xc0416ed0, 0xc0000185, 0x3df68860, 0x82ddadb5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112513-23478-01.
11/25/2013 6:08:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
11/25/2013 6:08:07 PM, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/25/2013 3:03:42 PM, Error: Service Control Manager [7031] - The Level Quality Watcher service terminated unexpectedly. It has done this 7 time(s). The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/25/2013 2:03:38 PM, Error: Service Control Manager [7031] - The Level Quality Watcher service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/25/2013 11:59:43 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.
11/25/2013 11:59:42 PM, Error: Service Control Manager [7023] - The Base Filtering Engine service terminated with the following error: Access is denied.
11/25/2013 11:59:38 PM, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied.
11/25/2013 11:33:38 PM, Error: Service Control Manager [7023] - The WinDefend service terminated with the following error: Access is denied.
11/25/2013 10:42:11 PM, Error: Service Control Manager [7031] - The Level Quality Watcher service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/25/2013 1:28:42 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
11/24/2013 9:06:14 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
11/24/2013 9:06:03 PM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
.
==== End Of File ===========================
Re: Lenovo Problem with Hyperlinks/Malware

Post by Gary R » November 28th, 2013, 2:41 am

Business Use / Business Networked Computer
Looking through your logs, there are signs that it appears you are using your computer for business purposes or connecting to a business network.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.


This topic is now closed.