HaymanFTW
2011-06-21, 11:00
I did a clean install of Windows on my Dell Inspiron 1520 (Vista - virus protection Trend Micro Titanium) yesterday. Everything went fine, and Windows Update installed about 190 updates with no problem until I got to KB970430. I received error message 80070020. I first went to this website:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;883825 and tried all of the suggestions listed. I also found an article that suggested I stop cryptographic services, delete catroot2 folder, restart crypto services. No dice. Then I started looking at forums and saw that it may be malware. So here we are. I would really appreciate any help. I followed the instructions for ERUNT. Here is the DDS file:
.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.19088
Run by Ash at 3:37:40 on 2011-06-21
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.3573.2479 [GMT -4:00]
.
AV: Trend Micro Titanium *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\hkcmd.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\STacSV.exe
C:\Users\Ash\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Ash\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ash\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ash\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\amsp\module\20004\1.5.1464\6.6.1079\TmIEPlg.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
uRun: [Google Update] "c:\users\ash\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Trend Micro Titanium] c:\program files\trend micro\titanium\uiframework\uiWinMgr.exe -set Silent "1" SplashURL ""
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
StartupFolder: c:\users\ash\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
TCP: DhcpNameServer = 97.64.209.36 97.64.168.13
TCP: Interfaces\{8FC5B77B-3582-44ED-B660-D955090A445B} : DhcpNameServer = 97.64.209.36 97.64.168.13
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\1.5.1464\6.6.1079\TmIEPlg.dll
Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2011-6-20 73728]
R2 Amsp;Trend Micro Solution Platform;c:\program files\trend micro\amsp\coreServiceShell.exe [2011-6-20 188272]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2011-6-20 64080]
.
=============== Created Last 30 ================
.
2011-06-21 07:15:20 388096 ----a-r- c:\users\ash\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-06-21 07:09:45 -------- d-----w- c:\windows\system32\catroot2
2011-06-21 05:49:26 -------- d-----w- c:\program files\Amazon
2011-06-21 05:39:11 -------- d-----w- c:\windows\pss
2011-06-21 04:49:32 -------- d-----w- c:\users\ash\appdata\local\Apple Computer
2011-06-21 04:48:49 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-06-21 04:48:49 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-06-21 04:47:58 -------- d-----w- c:\program files\iPod
2011-06-21 04:47:56 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-06-21 04:47:56 -------- d-----w- c:\program files\iTunes
2011-06-21 04:47:09 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-06-21 04:47:09 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-06-21 04:47:09 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-06-21 04:47:09 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-06-21 04:47:09 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-06-21 04:47:09 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-06-21 04:47:09 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-06-21 04:46:19 -------- d-----w- c:\users\ash\appdata\local\Apple
2011-06-21 04:43:36 -------- d-----w- c:\program files\Bonjour
2011-06-21 04:15:05 172032 ----a-w- c:\windows\system32\igfxres.dll
2011-06-21 03:52:21 -------- d-----w- c:\users\ash\appdata\local\Google
2011-06-21 03:51:44 -------- d-----w- c:\users\ash\appdata\local\Apps
2011-06-21 03:51:43 -------- d-----w- c:\users\ash\appdata\local\Deployment
2011-06-20 20:43:32 -------- d-----w- C:\temp
2011-06-20 20:40:53 92112 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-06-20 20:37:23 80464 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-06-20 20:37:23 64080 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-06-20 20:37:23 189520 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-06-20 20:35:29 -------- d-----w- c:\programdata\Trend Micro
2011-06-20 20:35:25 -------- d-----w- c:\program files\Trend Micro
2011-06-20 19:51:42 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-06-20 19:51:41 17920 ----a-w- c:\windows\system32\netevent.dll
2011-06-20 19:43:31 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-06-20 19:41:44 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-20 19:41:25 758784 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2011-06-20 19:35:21 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-06-20 19:13:38 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-06-20 19:13:37 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-20 19:13:37 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-06-20 19:13:37 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-06-20 19:13:37 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-06-20 18:59:59 743424 ----a-w- c:\program files\internet explorer\iedvtool.dll
2011-06-20 18:59:58 638232 ----a-w- c:\program files\internet explorer\iexplore.exe
2011-06-20 18:59:58 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-20 18:59:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-20 18:47:07 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-06-20 18:46:58 6962000 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{737fe009-3e91-400e-82c4-ee245aedc557}\mpengine.dll
2011-06-20 18:46:56 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-06-20 18:38:05 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-06-20 18:37:59 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-06-20 18:37:59 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-06-20 18:37:57 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-06-20 18:36:50 310784 ----a-w- c:\windows\system32\unregmp2.exe
2011-06-20 18:36:50 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2011-06-20 18:26:01 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-06-20 18:26:00 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-06-20 18:26:00 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-06-20 18:24:44 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-06-20 18:24:35 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-06-20 18:23:52 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-06-20 18:23:52 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-06-20 18:23:51 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-06-20 18:23:25 147456 ----a-w- c:\windows\system32\Faultrep.dll
2011-06-20 18:23:25 125952 ----a-w- c:\windows\system32\wersvc.dll
2011-06-20 18:22:44 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-06-20 18:22:44 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2011-06-20 18:22:44 45056 ----a-w- c:\windows\system32\dataclen.dll
2011-06-20 18:22:44 36864 ----a-w- c:\windows\system32\cdd.dll
2011-06-20 18:22:44 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2011-06-20 18:22:33 1645568 ----a-w- c:\windows\system32\connect.dll
2011-06-20 18:13:46 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2011-06-20 18:10:46 90112 ----a-w- c:\windows\system32\wshext.dll
2011-06-20 18:10:46 180224 ----a-w- c:\windows\system32\scrobj.dll
2011-06-20 18:10:46 172032 ----a-w- c:\windows\system32\scrrun.dll
2011-06-20 18:10:46 155648 ----a-w- c:\windows\system32\wscript.exe
2011-06-20 18:10:46 135168 ----a-w- c:\windows\system32\wshom.ocx
2011-06-20 18:10:46 135168 ----a-w- c:\windows\system32\cscript.exe
2011-06-20 18:00:00 1315840 ----a-w- c:\windows\system32\ole32.dll
2011-06-20 17:59:59 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2011-06-20 17:59:58 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-06-20 17:59:58 67072 ----a-w- c:\windows\system32\asycfilt.dll
2011-06-20 17:59:56 501760 ----a-w- c:\windows\system32\usp10.dll
2011-06-20 17:59:55 157184 ----a-w- c:\windows\system32\t2embed.dll
2011-06-20 17:59:52 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-06-20 17:59:52 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-06-20 17:59:51 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-06-20 17:59:33 36352 ----a-w- c:\windows\system32\rtutils.dll
2011-06-20 17:59:07 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-20 17:58:47 98304 ----a-w- c:\windows\system32\cabview.dll
2011-06-20 17:48:09 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-06-20 17:48:09 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-06-20 17:48:08 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-06-20 17:48:08 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-06-20 17:48:07 9728 ----a-w- c:\windows\system32\lsass.exe
2011-06-20 17:48:07 72704 ----a-w- c:\windows\system32\secur32.dll
2011-06-20 17:48:05 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-06-20 17:48:04 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-06-20 17:48:01 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2011-06-20 17:47:59 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-06-20 17:47:58 61440 ----a-w- c:\windows\system32\msasn1.dll
2011-06-20 17:47:29 91136 ----a-w- c:\windows\system32\avifil32.dll
2011-06-20 17:47:29 82944 ----a-w- c:\windows\system32\mciavi32.dll
2011-06-20 17:47:29 65024 ----a-w- c:\windows\system32\avicap32.dll
2011-06-20 17:47:29 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2011-06-20 17:47:29 31744 ----a-w- c:\windows\system32\msvidc32.dll
2011-06-20 17:47:29 22528 ----a-w- c:\windows\system32\msyuv.dll
2011-06-20 17:47:29 13312 ----a-w- c:\windows\system32\msrle32.dll
2011-06-20 17:47:29 123904 ----a-w- c:\windows\system32\msvfw32.dll
2011-06-20 17:47:29 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2011-06-20 17:40:50 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-06-20 17:40:49 71680 ----a-w- c:\windows\system32\atl.dll
2011-06-20 17:40:45 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-06-20 17:40:45 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-06-20 17:40:45 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-06-20 17:40:45 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-06-20 17:40:43 281600 ----a-w- c:\windows\system32\raschap.dll
2011-06-20 17:40:43 244224 ----a-w- c:\windows\system32\rastls.dll
2011-06-20 17:40:22 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-06-20 17:40:20 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-06-20 17:40:20 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-06-20 17:39:38 351232 ----a-w- c:\windows\system32\WSDApi.dll
2011-06-20 17:29:52 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2011-06-20 17:20:58 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-06-20 17:20:57 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-06-20 10:31:44 -------- d-----w- c:\windows\Panther
2011-06-20 10:31:27 -------- d-sh--w- C:\Boot
2011-06-20 10:31:02 -------- d-----w- c:\windows\system32\OEM
2011-06-20 08:42:06 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-06-20 08:42:05 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-20 08:42:05 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-20 08:42:04 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-06-20 08:42:04 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-06-20 08:42:03 269312 ----a-w- c:\windows\system32\es.dll
2011-06-20 08:42:02 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-20 08:42:00 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-20 08:42:00 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-20 08:42:00 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-20 08:42:00 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-20 08:41:00 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-06-20 08:41:00 94720 ----a-w- c:\windows\system32\logagent.exe
2011-06-20 08:29:47 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-06-20 08:29:46 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-06-20 08:29:45 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-06-20 08:29:43 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-20 08:29:42 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-06-20 08:29:42 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-06-20 08:29:42 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-06-20 08:29:42 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-06-20 08:29:41 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-06-20 08:29:41 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-06-20 08:29:40 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-20 08:28:53 2040832 ----a-w- c:\windows\system32\win32k.sys
2011-06-20 08:16:17 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-06-20 08:16:17 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-06-20 08:16:17 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-06-20 08:16:17 11264 ----a-w- c:\windows\system32\icardres.dll
2011-06-20 08:16:17 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-06-20 08:16:15 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-06-20 08:13:27 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-20 08:13:25 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-06-20 08:13:25 323072 ----a-w- c:\windows\system32\sbe.dll
2011-06-20 08:13:25 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-06-20 08:13:25 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-06-20 08:13:24 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-06-20 08:13:20 81920 ----a-w- c:\windows\system32\consent.exe
2011-06-20 08:12:31 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-06-20 08:12:31 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-06-20 08:02:59 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-06-20 08:02:59 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-06-20 08:02:32 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-06-20 08:02:32 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-06-20 07:54:14 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-06-20 07:54:13 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-06-20 07:54:13 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-06-20 07:54:13 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-06-20 07:54:13 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-06-20 07:54:12 274432 ----a-w- c:\windows\system32\schannel.dll
2011-06-20 07:54:10 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-06-20 07:54:09 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-06-20 07:53:35 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-06-20 07:43:40 2868224 ----a-w- c:\windows\system32\mf.dll
2011-06-20 07:43:37 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-06-20 07:43:36 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-06-20 07:43:36 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-06-20 07:43:36 472064 ----a-w- c:\windows\system32\secproc.dll
2011-06-20 07:43:36 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-06-20 07:43:36 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-06-20 07:43:35 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-06-20 07:43:35 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-06-20 07:43:35 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-06-20 07:43:31 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-06-20 07:42:54 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-06-20 07:26:33 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-06-20 07:26:30 83968 ----a-w- c:\windows\system32\mscories.dll
2011-06-20 07:24:41 -------- d-----w- c:\users\ash\appdata\local\Microsoft Games
2011-06-20 07:12:49 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-06-20 07:02:28 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-06-20 07:02:11 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-06-20 07:02:01 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-06-20 07:02:01 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-06-20 06:54:59 -------- d-----w- c:\program files\Synaptics
2011-06-20 06:54:29 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2011-06-20 06:54:29 193456 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-06-20 06:54:29 163840 ----a-w- c:\windows\system32\SynCOM.dll
2011-06-20 06:54:29 147456 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-06-20 06:54:29 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2011-06-20 06:54:29 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2011-06-20 06:52:34 -------- d-----w- c:\users\ash\Roaming
2011-06-20 06:52:34 -------- d-----w- c:\users\ash\appdata\roaming\Intel
2011-06-20 06:52:34 -------- d-----w- c:\programdata\Roaming
2011-06-20 06:51:54 -------- d-----w- c:\program files\CONEXANT
2011-06-20 06:50:49 980992 ----a-w- c:\windows\system32\drivers\HSX_DPV.sys
2011-06-20 06:50:49 94208 ----a-w- c:\windows\system32\mdmxsdk.dll
2011-06-20 06:50:49 8704 ----a-w- c:\windows\system32\drivers\XAudio.sys
2011-06-20 06:50:49 661504 ----a-w- c:\windows\system32\drivers\HSX_CNXT.sys
2011-06-20 06:50:49 386560 ----a-w- c:\windows\system32\drivers\XAudio.exe
2011-06-20 06:50:49 237568 ----a-w- c:\windows\system32\UCI32M29.dll
2011-06-20 06:50:49 208384 ----a-w- c:\windows\system32\drivers\HSXHWAZL.sys
2011-06-20 06:50:49 12672 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2011-06-20 06:49:28 45568 ----a-w- c:\windows\system32\drivers\bcm4sbxp.sys
2011-06-20 06:49:26 -------- d-----w- c:\program files\Broadcom
2011-06-20 06:45:37 -------- d-----w- C:\Intel
2011-06-20 06:44:35 -------- d-----w- C:\dell
2011-06-20 06:43:57 45056 ----a-r- c:\users\ash\appdata\roaming\microsoft\installer\{42929f0f-ce14-47af-9fc7-ff297a603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2011-06-20 06:43:51 -------- d-----w- c:\windows\system32\vmm32
2011-06-20 06:43:51 -------- d-----w- c:\program files\Dell
2011-06-20 06:43:32 -------- d-sh--w- c:\windows\Installer
2011-06-20 06:42:06 -------- d-----w- c:\users\ash\appdata\local\VirtualStore
.
==================== Find3M ====================
.
2011-05-28 06:08:58 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04:17 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 05:10:26 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:31:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-06 20:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 20:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
.
============= FINISH: 3:39:01.85 ===============
I downloaded HijackThis and scanned but it wouldn't generate a logfile. Should I just remove it from my computer?
-----------------------------------------------------
Edit
"BEFORE You POST"(Please read this Procedure Before Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)
2011-06-20 18:23:25 125952 ----a-w- c:\windows\system32\wersvc.dll
2011-06-20 18:22:44 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-06-20 18:22:44 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2011-06-20 18:22:44 45056 ----a-w- c:\windows\system32\dataclen.dll
2011-06-20 18:22:44 36864 ----a-w- c:\windows\system32\cdd.dll
2011-06-20 18:22:44 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2011-06-20 18:22:33 1645568 ----a-w- c:\windows\system32\connect.dll
2011-06-20 18:13:46 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2011-06-20 18:10:46 90112 ----a-w- c:\windows\system32\wshext.dll
2011-06-20 18:10:46 180224 ----a-w- c:\windows\system32\scrobj.dll
2011-06-20 18:10:46 172032 ----a-w- c:\windows\system32\scrrun.dll
2011-06-20 18:10:46 155648 ----a-w- c:\windows\system32\wscript.exe
2011-06-20 18:10:46 135168 ----a-w- c:\windows\system32\wshom.ocx
2011-06-20 18:10:46 135168 ----a-w- c:\windows\system32\cscript.exe
2011-06-20 18:00:00 1315840 ----a-w- c:\windows\system32\ole32.dll
2011-06-20 17:59:59 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2011-06-20 17:59:58 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-06-20 17:59:58 67072 ----a-w- c:\windows\system32\asycfilt.dll
2011-06-20 17:59:56 501760 ----a-w- c:\windows\system32\usp10.dll
2011-06-20 17:59:55 157184 ----a-w- c:\windows\system32\t2embed.dll
2011-06-20 17:59:52 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-06-20 17:59:52 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-06-20 17:59:51 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-06-20 17:59:33 36352 ----a-w- c:\windows\system32\rtutils.dll
2011-06-20 17:59:07 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-20 17:58:47 98304 ----a-w- c:\windows\system32\cabview.dll
2011-06-20 17:48:09 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-06-20 17:48:09 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-06-20 17:48:08 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-06-20 17:48:08 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-06-20 17:48:07 9728 ----a-w- c:\windows\system32\lsass.exe
2011-06-20 17:48:07 72704 ----a-w- c:\windows\system32\secur32.dll
2011-06-20 17:48:05 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-06-20 17:48:04 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-06-20 17:48:01 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2011-06-20 17:47:59 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-06-20 17:47:58 61440 ----a-w- c:\windows\system32\msasn1.dll
2011-06-20 17:47:29 91136 ----a-w- c:\windows\system32\avifil32.dll
2011-06-20 17:47:29 82944 ----a-w- c:\windows\system32\mciavi32.dll
2011-06-20 17:47:29 65024 ----a-w- c:\windows\system32\avicap32.dll
2011-06-20 17:47:29 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2011-06-20 17:47:29 31744 ----a-w- c:\windows\system32\msvidc32.dll
2011-06-20 17:47:29 22528 ----a-w- c:\windows\system32\msyuv.dll
2011-06-20 17:47:29 13312 ----a-w- c:\windows\system32\msrle32.dll
2011-06-20 17:47:29 123904 ----a-w- c:\windows\system32\msvfw32.dll
2011-06-20 17:47:29 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2011-06-20 17:40:50 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-06-20 17:40:49 71680 ----a-w- c:\windows\system32\atl.dll
2011-06-20 17:40:45 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-06-20 17:40:45 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-06-20 17:40:45 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-06-20 17:40:45 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-06-20 17:40:43 281600 ----a-w- c:\windows\system32\raschap.dll
2011-06-20 17:40:43 244224 ----a-w- c:\windows\system32\rastls.dll
2011-06-20 17:40:22 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-06-20 17:40:20 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-06-20 17:40:20 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-06-20 17:39:38 351232 ----a-w- c:\windows\system32\WSDApi.dll
2011-06-20 17:29:52 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2011-06-20 17:20:58 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-06-20 17:20:57 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-06-20 10:31:44 -------- d-----w- c:\windows\Panther
2011-06-20 10:31:27 -------- d-sh--w- C:\Boot
2011-06-20 10:31:02 -------- d-----w- c:\windows\system32\OEM
2011-06-20 08:42:06 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-06-20 08:42:05 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-20 08:42:05 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-20 08:42:04 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-06-20 08:42:04 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-06-20 08:42:03 269312 ----a-w- c:\windows\system32\es.dll
2011-06-20 08:42:02 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-20 08:42:00 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-20 08:42:00 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-20 08:42:00 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-20 08:42:00 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-20 08:41:00 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-06-20 08:41:00 94720 ----a-w- c:\windows\system32\logagent.exe
2011-06-20 08:29:47 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-06-20 08:29:46 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-06-20 08:29:45 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-06-20 08:29:43 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-20 08:29:42 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-06-20 08:29:42 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-06-20 08:29:42 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-06-20 08:29:42 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-06-20 08:29:41 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-06-20 08:29:41 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-06-20 08:29:40 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-20 08:28:53 2040832 ----a-w- c:\windows\system32\win32k.sys
2011-06-20 08:16:17 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-06-20 08:16:17 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-06-20 08:16:17 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-06-20 08:16:17 11264 ----a-w- c:\windows\system32\icardres.dll
2011-06-20 08:16:17 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-06-20 08:16:15 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-06-20 08:13:27 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-20 08:13:25 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-06-20 08:13:25 323072 ----a-w- c:\windows\system32\sbe.dll
2011-06-20 08:13:25 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-06-20 08:13:25 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-06-20 08:13:24 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-06-20 08:13:20 81920 ----a-w- c:\windows\system32\consent.exe
2011-06-20 08:12:31 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-06-20 08:12:31 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-06-20 08:02:59 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-06-20 08:02:59 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-06-20 08:02:32 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-06-20 08:02:32 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-06-20 07:54:14 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-06-20 07:54:13 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-06-20 07:54:13 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-06-20 07:54:13 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-06-20 07:54:13 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-06-20 07:54:12 274432 ----a-w- c:\windows\system32\schannel.dll
2011-06-20 07:54:10 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-06-20 07:54:09 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-06-20 07:53:35 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-06-20 07:43:40 2868224 ----a-w- c:\windows\system32\mf.dll
2011-06-20 07:43:37 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-06-20 07:43:36 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-06-20 07:43:36 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-06-20 07:43:36 472064 ----a-w- c:\windows\system32\secproc.dll
2011-06-20 07:43:36 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-06-20 07:43:36 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-06-20 07:43:35 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-06-20 07:43:35 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-06-20 07:43:35 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-06-20 07:43:31 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-06-20 07:42:54 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-06-20 07:26:33 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-06-20 07:26:30 83968 ----a-w- c:\windows\system32\mscories.dll
2011-06-20 07:24:41 -------- d-----w- c:\users\ash\appdata\local\Microsoft Games
2011-06-20 07:12:49 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-06-20 07:02:28 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-06-20 07:02:11 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-06-20 07:02:01 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-06-20 07:02:01 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-06-20 06:54:59 -------- d-----w- c:\program files\Synaptics
2011-06-20 06:54:29 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2011-06-20 06:54:29 193456 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-06-20 06:54:29 163840 ----a-w- c:\windows\system32\SynCOM.dll
2011-06-20 06:54:29 147456 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-06-20 06:54:29 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2011-06-20 06:54:29 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2011-06-20 06:52:34 -------- d-----w- c:\users\ash\Roaming
2011-06-20 06:52:34 -------- d-----w- c:\users\ash\appdata\roaming\Intel
2011-06-20 06:52:34 -------- d-----w- c:\programdata\Roaming
2011-06-20 06:51:54 -------- d-----w- c:\program files\CONEXANT
2011-06-20 06:50:49 980992 ----a-w- c:\windows\system32\drivers\HSX_DPV.sys
2011-06-20 06:50:49 94208 ----a-w- c:\windows\system32\mdmxsdk.dll
2011-06-20 06:50:49 8704 ----a-w- c:\windows\system32\drivers\XAudio.sys
2011-06-20 06:50:49 661504 ----a-w- c:\windows\system32\drivers\HSX_CNXT.sys
2011-06-20 06:50:49 386560 ----a-w- c:\windows\system32\drivers\XAudio.exe
2011-06-20 06:50:49 237568 ----a-w- c:\windows\system32\UCI32M29.dll
2011-06-20 06:50:49 208384 ----a-w- c:\windows\system32\drivers\HSXHWAZL.sys
2011-06-20 06:50:49 12672 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2011-06-20 06:49:28 45568 ----a-w- c:\windows\system32\drivers\bcm4sbxp.sys
2011-06-20 06:49:26 -------- d-----w- c:\program files\Broadcom
2011-06-20 06:45:37 -------- d-----w- C:\Intel
2011-06-20 06:44:35 -------- d-----w- C:\dell
2011-06-20 06:43:57 45056 ----a-r- c:\users\ash\appdata\roaming\microsoft\installer\{42929f0f-ce14-47af-9fc7-ff297a603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2011-06-20 06:43:51 -------- d-----w- c:\windows\system32\vmm32
2011-06-20 06:43:51 -------- d-----w- c:\program files\Dell
2011-06-20 06:43:32 -------- d-sh--w- c:\windows\Installer
2011-06-20 06:42:06 -------- d-----w- c:\users\ash\appdata\local\VirtualStore
.
==================== Find3M ====================
.
2011-05-28 06:08:58 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04:17 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 05:10:26 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:31:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-06 20:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 20:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
.
============= FINISH: 3:39:01.85 ===============
I downloaded HijackThis and scanned but it wouldn't generate a logfile. Should I just remove it from my computer?
-----------------------------------------------------
Edit
"BEFORE You POST" (Please read this Procedure Before Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)