newb_dc needs help (Can't remove Win32.Autorun.tmp)



newb_dc
2010-12-14, 07:00
Firstly, I'd like to apologize for not following instructions before my 1st post. Here is the link to my initial post - http://www.wiki.spybot.info/showthread.php?p=390983#post390983

Here is the DDS Log:



DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by User at 0:29:56.38 on Tue 12/14/2010
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.4092.2379 [GMT -5:00]

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\rstrui.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\User\Downloads\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = <local>
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
mRun-x64: [SmartMenu] %programFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
mRun-x64: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [Windows Defender] %programFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [SysTrayApp] %programFiles%\IDT\WDM\sttray64.exe

================= FIREFOX ===================

FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j5vkr42g.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.thefreedictionary.com/
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2010-1-7 380928]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-9-4 64000]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2008-8-7 143360]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2009-1-29 4745216]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2008-8-5 56352]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-7-19 93184]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-4-30 30232]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 tap0801;TAP-Win32 Adapter V8;C:\Windows\System32\drivers\tap0801.sys [2005-4-13 30720]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2006-11-2 273408]

=============== Created Last 30 ================

2010-12-06 22:11:25 -------- d-----w- C:\Users\User\AppData\Local\Yahoo!
2010-12-06 10:17:20 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2010-12-06 10:15:42 -------- d-----w- C:\Users\User\AppData\Local\Sunbelt Software
2010-12-06 09:50:22 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2010-12-06 09:24:52 -------- d-----w- C:\PROGRA~3\PC Tools
2010-12-03 22:46:47 316416 ----a-w- C:\Windows\System32\msshsq.dll
2010-12-03 22:46:47 231936 ----a-w- C:\Windows\SysWow64\msshsq.dll
2010-12-03 22:38:13 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2010-12-03 22:11:38 28160 ----a-w- C:\Windows\System32\drivers\en-US\http.sys.mui
2010-12-03 22:11:08 36352 ----a-w- C:\Windows\SysWow64\rtutils.dll
2010-12-03 22:11:07 50688 ----a-w- C:\Windows\System32\rtutils.dll
2010-12-03 22:11:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-12-03 22:11:03 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-12-03 22:09:59 711448 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2010-12-03 22:08:27 461824 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-12-03 22:08:27 175104 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-12-03 22:08:26 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-12-03 22:08:26 179712 ----a-w- C:\Windows\System32\srvsvc.dll
2010-12-03 22:08:26 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
2010-12-03 22:08:26 17920 ----a-w- C:\Windows\System32\netevent.dll
2010-12-03 22:08:26 144896 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-12-03 22:08:26 12288 ----a-w- C:\Windows\System32\sscore.dll
2010-12-03 22:08:02 442368 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-03 22:08:02 378368 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-03 22:06:56 1923584 ----a-w- C:\Windows\System32\ole32.dll
2010-12-03 22:06:55 408064 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2010-12-03 22:06:55 1315840 ----a-w- C:\Windows\SysWow64\ole32.dll
2010-12-03 22:06:54 339968 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2010-12-03 22:06:50 317952 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2010-12-03 22:06:50 295424 ----a-w- C:\Windows\System32\MP4SDECD.DLL
2010-12-03 22:06:48 343040 ----a-w- C:\Windows\System32\schannel.dll
2010-12-03 22:06:48 274432 ----a-w- C:\Windows\SysWow64\schannel.dll
2010-12-03 22:06:44 2751488 ----a-w- C:\Windows\System32\win32k.sys
2010-12-03 22:06:39 1875456 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-03 22:06:39 1257472 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-03 22:06:36 81920 ----a-w- C:\Windows\SysWow64\iccvid.dll
2010-12-03 22:06:33 267776 ----a-w- C:\Windows\System32\spoolsv.exe
2010-12-03 21:58:59 866816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-12-03 21:58:59 1090048 ----a-w- C:\Windows\System32\wmpmde.dll

==================== Find3M ====================

2010-11-29 22:42:06 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe

============= FINISH: 0:30:23.11 ===============


Here is the SpyBot log:


Win32.AutoRun.tmp: [SBI $751B1850] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman

DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-10-01 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-06-29 Includes\Adware.sbi (*)
2010-11-30 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-09-22 Includes\Dialer.sbi (*)
2010-11-30 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2010-11-30 Includes\Hijackers.sbi (*)
2010-11-30 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-08-02 Includes\Keyloggers.sbi (*)
2010-11-30 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-09-13 Includes\Malware.sbi (*)
2010-12-01 Includes\MalwareC.sbi (*)
2010-05-18 Includes\PUPS.sbi (*)
2010-10-12 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-11-30 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-06-29 Includes\Spyware.sbi (*)
2010-11-30 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-11-02 Includes\Trojans.sbi (*)
2010-11-30 Includes\TrojansC-02.sbi (*)
2010-11-30 Includes\TrojansC-03.sbi (*)
2010-11-30 Includes\TrojansC-04.sbi (*)
2010-11-30 Includes\TrojansC-05.sbi (*)
2010-11-30 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-23 Plugins\TCPIPAddress.dll


:thanks: again

Blade81
2010-12-20, 16:34
Hi,

Post fresh dds logs: dds.txt & attach.txt. Also, update Spybot and see if it still finds the issue.

newb_dc
2010-12-21, 01:10
Blade81,

I updated Spybot and it was unable to find anything, even though I ran a check yesterday and found the win32.autorun.tmp. Find below the logs for both DDS logs and updated Spybot. Thanks for getting back to me!

DDS:



DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by User at 18:37:10.46 on Mon 12/20/2010
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.4092.2650 [GMT -5:00]

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
c:\Users\User\Downloads\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = <local>
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
mRun-x64: [SmartMenu] %programFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
mRun-x64: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [Windows Defender] %programFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [SysTrayApp] %programFiles%\IDT\WDM\sttray64.exe

================= FIREFOX ===================

FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j5vkr42g.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.thefreedictionary.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: C:\Users\User\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\User\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2010-1-7 380928]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-9-4 64000]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2008-8-7 143360]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2009-1-29 4745216]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2008-8-5 56352]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-7-19 93184]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-4-30 30232]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 tap0801;TAP-Win32 Adapter V8;C:\Windows\System32\drivers\tap0801.sys [2005-4-13 30720]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2006-11-2 273408]

=============== Created Last 30 ================

2010-12-06 22:11:25 -------- d-----w- C:\Users\User\AppData\Local\Yahoo!
2010-12-06 10:17:20 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2010-12-06 10:15:42 -------- d-----w- C:\Users\User\AppData\Local\Sunbelt Software
2010-12-06 09:50:22 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2010-12-06 09:24:52 -------- d-----w- C:\PROGRA~3\PC Tools
2010-12-03 22:46:47 316416 ----a-w- C:\Windows\System32\msshsq.dll
2010-12-03 22:46:47 231936 ----a-w- C:\Windows\SysWow64\msshsq.dll
2010-12-03 22:38:13 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2010-12-03 22:11:38 28160 ----a-w- C:\Windows\System32\drivers\en-US\http.sys.mui
2010-12-03 22:11:08 36352 ----a-w- C:\Windows\SysWow64\rtutils.dll
2010-12-03 22:11:07 50688 ----a-w- C:\Windows\System32\rtutils.dll
2010-12-03 22:11:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-12-03 22:11:03 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-12-03 22:09:59 711448 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2010-12-03 22:08:27 461824 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-12-03 22:08:27 175104 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-12-03 22:08:26 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-12-03 22:08:26 179712 ----a-w- C:\Windows\System32\srvsvc.dll
2010-12-03 22:08:26 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
2010-12-03 22:08:26 17920 ----a-w- C:\Windows\System32\netevent.dll
2010-12-03 22:08:26 144896 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-12-03 22:08:26 12288 ----a-w- C:\Windows\System32\sscore.dll
2010-12-03 22:08:02 442368 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-03 22:08:02 378368 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-03 22:06:56 1923584 ----a-w- C:\Windows\System32\ole32.dll
2010-12-03 22:06:55 408064 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2010-12-03 22:06:55 1315840 ----a-w- C:\Windows\SysWow64\ole32.dll
2010-12-03 22:06:54 339968 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2010-12-03 22:06:50 317952 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2010-12-03 22:06:50 295424 ----a-w- C:\Windows\System32\MP4SDECD.DLL
2010-12-03 22:06:48 343040 ----a-w- C:\Windows\System32\schannel.dll
2010-12-03 22:06:48 274432 ----a-w- C:\Windows\SysWow64\schannel.dll
2010-12-03 22:06:44 2751488 ----a-w- C:\Windows\System32\win32k.sys
2010-12-03 22:06:39 1875456 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-03 22:06:39 1257472 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-03 22:06:36 81920 ----a-w- C:\Windows\SysWow64\iccvid.dll
2010-12-03 22:06:33 267776 ----a-w- C:\Windows\System32\spoolsv.exe
2010-12-03 21:58:59 866816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-12-03 21:58:59 1090048 ----a-w- C:\Windows\System32\wmpmde.dll

==================== Find3M ====================

2010-11-29 22:42:06 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe

============= FINISH: 18:39:14.00 ===============


ATTACH:



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/29/2009 7:14:14 PM
System Uptime: 12/20/2010 6:27:48 PM (0 hours ago)

Motherboard: Quanta | | 3629
Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz | CPU | 1600/1066mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 360 GiB total, 227.433 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 2.26 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

µTorrent
6300
6300_Help
6300Trb
7-Zip 9.15 beta
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9
AIM 6
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
BufferChm
CCleaner (remove only)
Compatibility Pack for the 2007 Office system
ConvertXtoDVD 4.0.12.327
Copy
CustomerResearchQFolder
CyberLink DVD Suite
Dealio Toolbar v4.0.2
Destinations
DeviceManagementQFolder
DivX Setup
DocProc
DocProcQFolder
ERUNT 1.1j
ESU for Microsoft Vista
eSupportQFolder
Fax
Free Mp3 Wma Converter V 1.9
Google Chrome
Google Talk (remove only)
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP Help and Support
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart TV
HP MediaSmart Webcam
HP MULTIPLE MODEM INSTALLER for VISTA
HP Photosmart Essential
HP Product Detection
HP Quick Launch Buttons 6.40 H2
HP Smart Web Printing
HP Total Care Advisor
HP Total Care Setup
HP Update
HP User Guides 0126
HP Wireless Assistant
HPProductAssistant
HPSSupply
IDT Audio
IsoBuster 2.7
Java(TM) 6 Update 14
Java(TM) 6 Update 7
JMicron JMB38X Flash Media Controller
Juno Preloader
LabelPrint
LightScribe System Software 1.14.17.1
Logitech Vid
Malwarebytes' Anti-Malware
MarketResearch
Microsoft Live Search Toolbar
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
My HP Games
Nokia Map Loader
Nokia Multimedia Common Components 2.4
Nokia Music
Nokia Ovi Application Installer
Nokia Ovi Application Installer 6.85.3011
Nokia Ovi Content Copier
Nokia Ovi Content Copier 6.85.3011
Nokia Ovi One Touch Access
Nokia Ovi One Touch Access 6.85.3019
Nokia Ovi System Utilities
Nokia Ovi System Utilities 6.85.3018
Nokia Photos
Nokia Software Updater
PC Connectivity Solution
PortTunnel
Power2Go
PowerDirector
QuickTime
Realtek 8169 8168 8101E 8102E Ethernet Driver
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Skype™ 5.0
Slingbox - Watch Your TV Anywhere
SlingPlayer
SolutionCenter
SPORE Creature Creator Trial Edition
Spybot - Search & Destroy
Status
Toolbox
TrayApp
TrueCrypt
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (KB2443839)
VC80CRTRedist - 8.0.50727.4053
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.0
WebReg
Windows Media Player Firefox Plugin
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

==== End Of File ===========================


SPYBOT:


Congratulations!: No immediate threats were found. (Status)



--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-10-01 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-10-05 Includes\Adware.sbi (*)
2010-11-30 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-12-14 Includes\Dialer.sbi (*)
2010-12-14 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2010-11-30 Includes\Hijackers.sbi (*)
2010-11-30 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-12-14 Includes\Keyloggers.sbi (*)
2010-12-14 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-12-14 Includes\Malware.sbi (*)
2010-12-14 Includes\MalwareC.sbi (*)
2010-05-18 Includes\PUPS.sbi (*)
2010-12-14 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-12-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-12-14 Includes\Spyware.sbi (*)
2010-12-14 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-11-02 Includes\Trojans.sbi (*)
2010-12-16 Includes\TrojansC-02.sbi (*)
2010-12-16 Includes\TrojansC-03.sbi (*)
2010-12-16 Includes\TrojansC-04.sbi (*)
2010-12-16 Includes\TrojansC-05.sbi (*)
2010-12-16 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-23 Plugins\TCPIPAddress.dll

Blade81
2010-12-21, 06:27
Hi,

That finding with the older version was likely a false positive.

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

µTorrent


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please uninstall the programs listed above (in red).


Download and run Secunia Personal Software Inspector (PSI) (http://secunia.com/vulnerability_scanning/personal/) and fix its findings.

newb_dc
2010-12-21, 10:24
I uninstalled µTorrent, downloaded Secunia and fixed what it told me to accordingly. It says I'm at 98% Secunia System Score.

Blade81
2010-12-21, 16:45
Hi,

Does PSI still show any items vulnerable?

newb_dc
2010-12-21, 20:18
It doesn't say so, but I've included a screenshot of the results for you to review.

Blade81
2010-12-22, 06:32
Ok. There's no patch available for Adobe Reader yet, so that second issue can't be fixed now. If you use AIM, uninstall the version you have and get the latest one here (http://www.aim.com/).

newb_dc
2010-12-22, 07:11
I uninstalled AIM and didn't bother to put it back since I don't use it.

Blade81
2010-12-22, 10:22
Ok. If there are no other issues left, I think we've finished the case :)

newb_dc
2010-12-23, 04:03
Wow! Seemed so effortless lol, I feel like I should have done more :)

Thank you so much for taking the time to help me out! Much appreciated and happy holidays. If for some odd reason it resurfaces, I'll let you know.

Blade81
2010-12-23, 06:35
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help. :santa:

Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread.

If it has been less than three days since your last response and you need the thread re-opened, please send me or another MOD a private message (pm). A valid, working link to the closed topic is required.