WiredWX Christian Hobby Weather Tools
backdoor.tidserv virus
OK, so I've looked at all the posts about this topic, so I downloaded ComboFix.

But how do I know whether this virus is gone or not?

Re: backdoor.tidserv virus

Please post the ComboFix log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: backdoor.tidserv virus
ComboFix 08-11-27.07 - Jackie 2008-11-28 12:33:30.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.479 [GMT -5:00]
Running from: c:\documents and settings\Jackie\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-28 )))))))))))))))))))))))))))))))
.

2008-11-28 05:42 . 2006-08-01 03:57 d-------- c:\documents and settings\Administrator\Application Data\Symantec
2008-11-28 05:42 . 2006-08-01 03:44 d-------- c:\documents and settings\Administrator\Application Data\Intel
2008-11-28 05:42 . 2007-12-14 14:05 d-------- c:\documents and settings\Administrator\Application Data\Apple Computer
2008-11-28 05:42 . 2008-11-28 05:42 d-------- c:\documents and settings\Administrator
2008-11-28 03:54 . 2008-11-28 03:54 73 --a------ c:\windows\st_affiliate.ini
2008-11-28 03:48 . 2008-11-28 03:48 63 --a------ c:\windows\av_affiliate.ini
2008-11-28 03:48 . 2008-11-28 03:48 63 --a------ c:\windows\as_affiliate.ini
2008-11-28 03:47 . 2008-11-28 04:04 d-------- c:\program files\CyberDefender
2008-11-28 03:47 . 2008-11-28 03:46 67,424 --a------ c:\windows\system32\drivers\CDAVFS.sys
2008-11-28 03:02 . 2004-09-20 12:44 5,652 --a------ c:\windows\system32\drivers\bvrp_pci.sys
2008-11-28 01:54 . 2008-11-28 01:54 d-------- c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_
2008-11-11 23:32 . 2008-09-04 12:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-11 23:32 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-07 15:00 . 2008-11-07 15:00 d-------- c:\documents and settings\Jackie\Application Data\U3

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-28 17:30 --------- d-----w c:\program files\Symantec AntiVirus
2008-11-28 08:07 --------- d-----w c:\program files\Bonjour
2008-11-28 08:02 --------- d-----w c:\program files\Modem Helper
2008-11-28 06:44 --------- d-----w c:\documents and settings\Jackie\Application Data\LimeWire
2008-11-12 15:58 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-11 03:08 3,766 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-11-03 00:54 --------- d-----w c:\documents and settings\Jackie\Application Data\Image Zone Express
2008-10-27 01:34 --------- d-----w c:\program files\LimeWire
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-13 19:16 --------- d-----w c:\documents and settings\Jackie\Application Data\Printer Info Cache
2008-10-05 04:28 --------- d-----w c:\program files\iTunes
2008-10-05 04:28 --------- d-----w c:\program files\iPod
2008-10-05 04:28 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-29 14:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 13:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2006-09-05 20:08 1,663 ----a-w c:\windows\inf\COM9F.tmp
.

((((((((((((((((((((((((((((( snapshot@2008-11-28_12.12.24.71 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-28 17:11:36 55,522 ----a-w c:\windows\system32\perfc009.dat
+ 2008-11-28 17:34:57 55,522 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-28 17:11:36 386,598 ----a-w c:\windows\system32\perfh009.dat
+ 2008-11-28 17:34:57 386,598 ----a-w c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\documents and settings\Jackie\Local Settings\Application Data\CyberDefender\cdmyidd.dll" [2008-11-28 3958088]

[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}]
2008-11-28 03:46 3958088 --a------ c:\documents and settings\Jackie\Local Settings\Application Data\CyberDefender\cdmyidd.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\documents and settings\Jackie\Local Settings\Application Data\CyberDefender\cdmyidd.dll" [2008-11-28 3958088]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\documents and settings\Jackie\Local Settings\Application Data\CyberDefender\cdmyidd.dll" [2008-11-28 3958088]

[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"AROReminder"="c:\program files\Advanced Registry Optimizer\aro.exe" [2007-05-23 1798656]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2008-06-10 785520]
"CyberDefender Early Detection Center"="c:\program files\CyberDefender\AntiSpyware\cdase0.exe" [2008-11-28 636232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2004-04-11 290816]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 49152]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 1117184]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2005-04-08 48752]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2005-04-17 85184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"CyberDefender Early Detection Center"="c:\program files\CyberDefender\AntiSpyware\ISSIntro.exe" [2008-11-28 566600]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 c:\windows\stsystra.exe]

c:\documents and settings\Jackie\Start Menu\Programs\Startup\
Clean Access Agent.lnk - c:\program files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe [2007-12-07 28672]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-08-01 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Ruckus Player\\Ruckus.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\CyberDefender\\AntiSpyware\\cdase0.exe"=

R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" [2007-01-10 24652]
R3 CDAVFS;CDAVFS;c:\windows\system32\DRIVERS\CDAVFS.sys [2008-11-28 67424]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e85ab3d5-ac2b-11dd-80bf-0015c5a88a3c}]
\Shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e85ab3d6-ac2b-11dd-80bf-0015c5a88a3c}]
\Shell\AutoRun\command - setupSNK.exe
.
Contents of the 'Scheduled Tasks' folder

2008-11-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Jackie\Application Data\Mozilla\Firefox\Profiles\185pty99.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxps://luminis.onu.edu/
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-28 12:36:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-11-28 12:38:02
ComboFix-quarantined-files.txt 2008-11-28 17:37:11
ComboFix2.txt 2008-11-28 17:13:25

Pre-Run: 24,236,802,048 bytes free
Post-Run: 24,226,660,352 bytes free

168 --- E O F --- 2008-11-12 15:58:38

Re: backdoor.tidserv virus
Hello.
I don't see anything in that log that could cause a problem.

Where is Norton finding this?


Re: backdoor.tidserv virus

Sorry, I don't remember posting that twice and I'm not really sure why I did. But I don't have Norton, I just have Symantec. I did run ComboFix twice, and the first time it turned out a little differently, but I deleted one of the lines that first time and it hasn't shown up in the log since.

Re: backdoor.tidserv virus
Okay, what problems remain?


Re: backdoor.tidserv virus

Well, when I type in certain websites or sections on my computer I get a black area where I'm typing. That's the only problem I seem to still have.

Re: backdoor.tidserv virus

Okay, well, I'm going to attack what might be causing this.

Press Start > Control Panel > open "Add/remove programs"
Uninstall any Viewpoint by selecting it and pressing the "Remove" button on the right.

Now open a new notepad file.
Input this into the notepad file:

Driver::
Viewpoint Manager Service

File::
c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_
c:\windows\inf\COM9F.tmp

Folder::
c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_
c:\program files\Viewpoint



Save this as CFScript.txt, and save it to your desktop.
Then drag and drop CFScript.txt onto ComboFix as seen below:
[screenshot: CFScript.txt being dragged onto ComboFix.exe]

This will open combofix.exe again; agree to its terms and allow it to run. It may want to reboot after it's done. Post the resulting log back here.

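
Added example (not from this thread, and not part of ComboFix): a Python cross-check that parses a CFScript.txt with the Driver::/File::/Folder:: sections used above together with the follow-up ComboFix log, and reports which requested File::/Folder:: entries the log's "Other Deletions" section confirms as removed and whether a Driver:: service is still listed. The script and log excerpt embedded in it are constructed from this thread's text, with one made-up file path added to show an unconfirmed entry.

```python
"""Cross-check a ComboFix CFScript.txt against the follow-up ComboFix log.

Added example (not from the thread or from ComboFix). CFSCRIPT and
FOLLOWUP_LOG are constructed, trimmed excerpts of what the thread shows;
the 'example_not_deleted.tmp' entry is made up to show the 'not confirmed'
outcome when a requested deletion does not appear in the log.
"""
import re
from typing import Dict, List

# CFScript section headers used in this thread.
CFSCRIPT_SECTIONS = ("Driver::", "File::", "Folder::")

CFSCRIPT = r"""
Driver::
Viewpoint Manager Service

File::
c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_
c:\windows\inf\COM9F.tmp
c:\windows\example_not_deleted.tmp

Folder::
c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_
c:\program files\Viewpoint
"""

FOLLOWUP_LOG = r"""
ComboFix 08-11-30.02 - Jackie 2008-12-01 12:31:09.5 - NTFSx86
Command switches used :: c:\documents and settings\Jackie\Desktop\CFscript.txt

((((((((((((( Other Deletions )))))))))))))
.

c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_
c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_\spl.ini
c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
c:\windows\inf\COM9F.tmp

.
((((((((((((( Files Created from 2008-11-01 to 2008-12-01 )))))))))))))
.
2008-11-29 18:53 . 2008-11-29 18:53 d--hs---- c:\documents and settings\Jackie\PrivacIE
"""


def parse_cfscript(text: str) -> Dict[str, List[str]]:
    """Return {"Driver": [...], "File": [...], "Folder": [...]} from CFScript text."""
    sections: Dict[str, List[str]] = {h.rstrip(":"): [] for h in CFSCRIPT_SECTIONS}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line in CFSCRIPT_SECTIONS:
            current = line.rstrip(":")
        elif current is not None:
            sections[current].append(line)
    return sections


def log_section(log: str, title: str) -> List[str]:
    """Return the entry lines of the ComboFix log section whose
    '((( title )))' banner matches; the section ends at the next banner.
    Lone '.' separator lines and blank lines are skipped."""
    banner = re.compile(r"^\(+\s*(.*?)\s*\)+$")
    body: List[str] = []
    inside = False
    for raw in log.splitlines():
        line = raw.strip()
        m = banner.match(line)
        if m:
            if inside:
                break
            inside = m.group(1) == title
            continue
        if inside and line and line != ".":
            body.append(line)
    return body


def norm(path: str) -> str:
    """Case-fold a Windows path and drop a trailing backslash for comparison."""
    return path.strip().lower().rstrip("\\")


def check_deletions(cfscript: str, log: str) -> Dict[str, Dict[str, str]]:
    """File:: entries are 'deleted' if listed under 'Other Deletions';
    Folder:: entries are 'deleted' if the folder or anything under it is
    listed; otherwise 'not confirmed'. Driver:: entries are 'still listed'
    if a service line such as 'R2 <name>;...' remains in the log."""
    wanted = parse_cfscript(cfscript)
    deleted = {norm(p) for p in log_section(log, "Other Deletions")}
    result: Dict[str, Dict[str, str]] = {"File": {}, "Folder": {}, "Driver": {}}
    for path in wanted["File"]:
        result["File"][path] = "deleted" if norm(path) in deleted else "not confirmed"
    for path in wanted["Folder"]:
        p = norm(path)
        hit = any(d == p or d.startswith(p + "\\") for d in deleted)
        result["Folder"][path] = "deleted" if hit else "not confirmed"
    for name in wanted["Driver"]:
        pat = re.compile(r"^[RS]\d+\s+" + re.escape(name) + r";", re.I | re.M)
        result["Driver"][name] = "still listed" if pat.search(log) else "not listed"
    return result


if __name__ == "__main__":
    for kind, entries in check_deletions(CFSCRIPT, FOLLOWUP_LOG).items():
        for item, status in entries.items():
            print(f"{kind:6} {status:14} {item}")
```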

Re: backdoor.tidserv virus
ComboFix 08-11-30.02 - Jackie 2008-12-01 12:31:09.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.364 [GMT -5:00]
Running from: c:\documents and settings\Jackie\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Jackie\Desktop\CFscript.txt
* Created a new restore point

FILE ::
c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_
c:\windows\inf\COM9F.tmp
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_
c:\documents and settings\Jackie\Application Data\s_6002_NXx8fHw1fHx8MTI0MDQ4MTI3MXw_\spl.ini
c:\program files\Viewpoint
c:\program files\Viewpoint\Viewpoint Media Player\AxMetaStream.dll
c:\program files\Viewpoint\Viewpoint Media Player\AxMetaStream_0305000D.dll
c:\program files\Viewpoint\Viewpoint Media Player\ClassIDs.ini
c:\program files\Viewpoint\Viewpoint Media Player\ComponentMgr_0305000D.dll
c:\program files\Viewpoint\Viewpoint Media Player\ComponentRegistry.ini
c:\program files\Viewpoint\Viewpoint Media Player\Components\AOLUserShell.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\AtmoHWConfig.txt
c:\program files\Viewpoint\Viewpoint Media Player\Components\atmosphere.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\AvatarsDefault.prf
c:\program files\Viewpoint\Viewpoint Media Player\Components\BlueStreak.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\BookmarksDefault.prf
c:\program files\Viewpoint\Viewpoint Media Player\Components\Cursors.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\DefaultAvatarIcon.jpg
c:\program files\Viewpoint\Viewpoint Media Player\Components\DefaultWorldIcon.jpg
c:\program files\Viewpoint\Viewpoint Media Player\Components\ExtremeShot.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\InternetChatHelp.url
c:\program files\Viewpoint\Viewpoint Media Player\Components\JpegReader.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\LensFlares.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\Mts2Reader.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\Mts3Reader.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\ObjectMovie.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\SceneComponent.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\ServiceComponent.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\SreeDMMX.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\SWFView.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\VectorView.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\VETsdk.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\VMgr.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\VMPSpeech.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\VMPVideo.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\VMPVideo2.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\WaveletReader.dll
c:\program files\Viewpoint\Viewpoint Media Player\Components\ZoomView.dll
c:\program files\Viewpoint\Viewpoint Media Player\DownloadedComponents\atmosphere_Win\AtmoHWConfig.txt
c:\program files\Viewpoint\Viewpoint Media Player\DownloadedComponents\atmosphere_Win\AvatarsDefault.prf
c:\program files\Viewpoint\Viewpoint Media Player\DownloadedComponents\atmosphere_Win\BookmarksDefault.prf
c:\program files\Viewpoint\Viewpoint Media Player\DownloadedComponents\atmosphere_Win\DefaultAvatarIcon.jpg
c:\program files\Viewpoint\Viewpoint Media Player\DownloadedComponents\atmosphere_Win\DefaultWorldIcon.jpg
c:\program files\Viewpoint\Viewpoint Media Player\DownloadedComponents\atmosphere_Win\InternetChatHelp.url
c:\program files\Viewpoint\Viewpoint Media Player\DownLoadHist.ini
c:\program files\Viewpoint\Viewpoint Media Player\HostRegistry.ini
c:\program files\Viewpoint\Viewpoint Media Player\MetaStreamConfig.ini
c:\program files\Viewpoint\Viewpoint Media Player\MetaStreamID.ini
c:\program files\Viewpoint\Viewpoint Media Player\MtsAxInstaller.exe
c:\program files\Viewpoint\Viewpoint Media Player\MTSDownloadSites.txt
c:\program files\Viewpoint\Viewpoint Media Player\NewComponents\AtmoHWConfig.txt
c:\program files\Viewpoint\Viewpoint Media Player\NewComponents\AvatarsDefault.prf
c:\program files\Viewpoint\Viewpoint Media Player\NewComponents\BookmarksDefault.prf
c:\program files\Viewpoint\Viewpoint Media Player\NewComponents\DefaultAvatarIcon.jpg
c:\program files\Viewpoint\Viewpoint Media Player\NewComponents\DefaultWorldIcon.jpg
c:\program files\Viewpoint\Viewpoint Media Player\NewComponents\InternetChatHelp.url
c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.xpt
c:\windows\inf\COM9F.tmp

.
((((((((((((((((((((((((( Files Created from 2008-11-01 to 2008-12-01 )))))))))))))))))))))))))))))))
.

2008-11-29 18:53 . 2008-11-29 18:53 d--hs---- c:\documents and settings\Jackie\PrivacIE
2008-11-29 18:39 . 2008-11-29 18:42 d--h-c--- c:\windows\ie8
2008-11-29 18:22 . 2008-11-29 18:21 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-28 05:42 . 2006-08-01 03:57 d-------- c:\documents and settings\Administrator\Application Data\Symantec
2008-11-28 05:42 . 2006-08-01 03:44 d-------- c:\documents and settings\Administrator\Application Data\Intel
2008-11-28 05:42 . 2007-12-14 14:05 d-------- c:\documents and settings\Administrator\Application Data\Apple Computer
2008-11-28 05:42 . 2008-11-28 05:42 d-------- c:\documents and settings\Administrator
2008-11-28 03:54 . 2008-11-29 18:53 73 --a------ c:\windows\st_affiliate.ini
2008-11-28 03:48 . 2008-11-28 03:48 63 --a------ c:\windows\av_affiliate.ini
2008-11-28 03:48 . 2008-11-28 03:48 63 --a------ c:\windows\as_affiliate.ini
2008-11-28 03:47 . 2008-11-28 04:04 d-------- c:\program files\CyberDefender
2008-11-28 03:47 . 2008-11-28 03:46 67,424 --a------ c:\windows\system32\drivers\CDAVFS.sys
2008-11-28 03:02 . 2004-09-20 12:44 5,652 --a------ c:\windows\system32\drivers\bvrp_pci.sys
2008-11-11 23:32 . 2008-09-04 12:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-11 23:32 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-07 15:00 . 2008-11-07 15:00 d-------- c:\documents and settings\Jackie\Application Data\U3

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-01 17:24 --------- d-----w c:\documents and settings\Jackie\Application Data\Viewpoint
2008-12-01 17:24 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-11-30 21:18 --------- d-----w c:\program files\Symantec AntiVirus
2008-11-29 23:20 --------- d-----w c:\program files\Java
2008-11-28 23:10 --------- d-----w c:\program files\Common Files\Adobe
2008-11-28 08:02 --------- d-----w c:\program files\Modem Helper
2008-11-28 06:44 --------- d-----w c:\documents and settings\Jackie\Application Data\LimeWire
2008-11-12 15:58 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-11 03:08 3,766 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-11-03 00:54 --------- d-----w c:\documents and settings\Jackie\Application Data\Image Zone Express
2008-10-27 01:34 --------- d-----w c:\program files\LimeWire
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-13 19:16 --------- d-----w c:\documents and settings\Jackie\Application Data\Printer Info Cache
2008-10-05 04:28 --------- d-----w c:\program files\iTunes
2008-10-05 04:28 --------- d-----w c:\program files\iPod
2008-10-05 04:28 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
.

Re: backdoor.tidserv virus
((((((((((((((((((((((((((((( snapshot@2008-11-28_12.12.24.71 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-11-07 07:26:44 71,680 -c--a-w c:\windows\ie8\admparse.dll
+ 2008-08-26 07:24:28 124,928 -c--a-w c:\windows\ie8\advpack.dll
+ 2008-04-14 00:11:51 35,328 -c--a-w c:\windows\ie8\corpol.dll
+ 2008-08-26 07:24:28 347,136 -c--a-w c:\windows\ie8\dxtmsft.dll
+ 2008-08-26 07:24:28 214,528 -c--a-w c:\windows\ie8\dxtrans.dll
+ 2006-10-17 15:44:36 60,416 -c--a-w c:\windows\ie8\hmmapi.dll
+ 2008-08-26 07:24:28 63,488 -c--a-w c:\windows\ie8\icardie.dll
+ 2008-08-25 08:37:59 70,656 -c--a-w c:\windows\ie8\ie4uinit.exe
+ 2008-08-26 07:24:28 153,088 -c--a-w c:\windows\ie8\ieakeng.dll
+ 2008-08-26 07:24:28 230,400 -c--a-w c:\windows\ie8\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\ie8\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c--a-w c:\windows\ie8\ieapfltr.dat
+ 2008-08-26 07:24:28 383,488 -c--a-w c:\windows\ie8\ieapfltr.dll
+ 2008-08-26 07:24:29 384,512 -c--a-w c:\windows\ie8\iedkcs32.dll
+ 2008-04-14 00:11:54 81,920 -c--a-w c:\windows\ie8\ieencode.dll
+ 2008-10-03 17:41:15 6,066,176 -c--a-w c:\windows\ie8\ieframe.dll
+ 2006-11-08 01:03:36 191,488 -c--a-w c:\windows\ie8\iepeers.dll
+ 2006-11-08 01:03:36 287,744 -c--a-w c:\windows\ie8\ieproxy.dll
+ 2008-08-26 07:24:29 44,544 -c--a-w c:\windows\ie8\iernonce.dll
+ 2008-08-26 07:24:29 267,776 -c--a-w c:\windows\ie8\iertutil.dll
+ 2006-11-07 07:26:42 55,296 -c--a-w c:\windows\ie8\iesetup.dll
+ 2006-11-08 01:03:36 180,736 -c--a-w c:\windows\ie8\ieui.dll
+ 2008-08-23 05:56:15 635,848 -c--a-w c:\windows\ie8\iexplore.exe
+ 2006-10-17 15:57:58 36,352 -c--a-w c:\windows\ie8\imgutil.dll
+ 2006-11-07 07:26:24 92,672 -c--a-w c:\windows\ie8\inseng.dll
+ 2008-05-09 10:53:39 512,000 -c--a-w c:\windows\ie8\jscript.dll
+ 2008-08-26 07:24:30 27,648 -c--a-w c:\windows\ie8\jsproxy.dll
+ 2006-10-17 16:05:10 40,960 -c--a-w c:\windows\ie8\licmgr10.dll
+ 2008-08-26 07:24:30 459,264 -c--a-w c:\windows\ie8\msfeeds.dll
+ 2008-08-26 07:24:30 52,224 -c--a-w c:\windows\ie8\msfeedsbs.dll
+ 2006-10-17 15:58:32 12,288 -c--a-w c:\windows\ie8\msfeedssync.exe
+ 2006-10-17 15:56:10 45,568 -c--a-w c:\windows\ie8\mshta.exe
+ 2008-08-27 08:24:32 3,593,216 -c--a-w c:\windows\ie8\mshtml.dll
+ 2008-08-26 07:24:30 477,696 -c--a-w c:\windows\ie8\mshtmled.dll
+ 2006-10-17 15:28:56 48,128 -c--a-w c:\windows\ie8\mshtmler.dll
+ 2006-11-08 01:03:36 156,160 -c--a-w c:\windows\ie8\msls31.dll
+ 2008-08-26 07:24:30 193,024 -c--a-w c:\windows\ie8\msrating.dll
+ 2008-08-26 07:24:30 671,232 -c--a-w c:\windows\ie8\mstime.dll
+ 2008-08-26 07:24:30 102,912 -c--a-w c:\windows\ie8\occache.dll
+ 2008-08-26 07:24:30 44,544 -c--a-w c:\windows\ie8\pngfilt.dll
+ 2006-09-06 20:43:16 213,216 -c--a-w c:\windows\ie8\spuninst.exe
+ 2008-08-22 08:21:04 49,736 -c--a-w c:\windows\ie8\spuninst\iecustom.dll
+ 2008-06-12 16:27:58 231,456 -c--a-w c:\windows\ie8\spuninst\spuninst.exe
+ 2008-06-12 16:28:00 382,496 -c--a-w c:\windows\ie8\spuninst\updspapi.dll
+ 2008-08-26 07:24:30 105,984 -c--a-w c:\windows\ie8\url.dll
+ 2008-08-26 07:24:31 1,159,680 -c--a-w c:\windows\ie8\urlmon.dll
+ 2008-05-09 10:53:40 430,080 -c--a-w c:\windows\ie8\vbscript.dll
+ 2007-07-12 23:31:54 765,952 -c--a-w c:\windows\ie8\vgx.dll
+ 2008-08-26 07:24:31 233,472 -c--a-w c:\windows\ie8\webcheck.dll
+ 2006-10-17 16:05:58 206,336 -c--a-w c:\windows\ie8\winfxdocobj.exe
+ 2008-08-26 07:24:31 826,368 -c--a-w c:\windows\ie8\wininet.dll
- 2006-11-07 07:26:44 71,680 ----a-w c:\windows\system32\admparse.dll
+ 2008-08-22 08:06:30 72,704 ----a-w c:\windows\system32\admparse.dll
- 2008-08-26 07:24:28 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-22 08:06:16 128,512 ----a-w c:\windows\system32\advpack.dll
- 2008-04-14 00:11:51 35,328 ----a-w c:\windows\system32\corpol.dll
+ 2008-08-22 08:07:08 18,944 ----a-w c:\windows\system32\corpol.dll
- 2006-11-07 07:26:44 71,680 -c--a-w c:\windows\system32\dllcache\admparse.dll
+ 2008-08-22 08:06:30 72,704 -c--a-w c:\windows\system32\dllcache\admparse.dll
- 2008-08-26 07:24:28 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-22 08:06:16 128,512 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-06-12 16:27:52 1,022,976 -c----w c:\windows\system32\dllcache\browseui.dll
+ 2008-08-22 08:07:08 18,944 -c----w c:\windows\system32\dllcache\corpol.dll
- 2008-08-26 07:24:28 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-22 08:05:16 346,624 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 07:24:28 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-22 08:05:10 217,088 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
- 2006-10-17 15:44:36 60,416 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
+ 2008-08-22 08:00:28 68,608 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
- 2008-08-26 07:24:28 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-08-22 08:05:20 61,952 -c--a-w c:\windows\system32\dllcache\icardie.dll
- 2008-08-25 08:37:59 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-22 08:06:24 162,304 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 07:24:28 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-22 08:06:36 124,928 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 07:24:28 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-22 08:06:40 228,864 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-22 08:06:24 163,840 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2007-04-17 09:32:38 2,455,488 -c----w c:\windows\system32\dllcache\ieapfltr.dat
+ 2008-07-30 03:58:08 3,670,112 -c--a-w c:\windows\system32\dllcache\ieapfltr.dat
- 2008-08-26 07:24:28 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-22 07:42:22 443,392 -c--a-w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 07:24:29 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-22 08:06:44 385,024 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-08-22 08:10:34 11,985,408 -c--a-w c:\windows\system32\dllcache\ieframe.dll
- 2006-11-08 01:03:36 191,488 -c--a-w c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-22 08:05:24 186,880 -c--a-w c:\windows\system32\dllcache\iepeers.dll
- 2008-08-26 07:24:29 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-22 08:06:20 55,808 -c--a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 07:24:29 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-22 08:06:02 1,778,688 -c--a-w c:\windows\system32\dllcache\iertutil.dll
- 2006-11-07 07:26:42 55,296 -c--a-w c:\windows\system32\dllcache\iesetup.dll
+ 2008-08-22 08:06:24 71,680 -c--a-w c:\windows\system32\dllcache\iesetup.dll
- 2008-08-23 05:56:15 635,848 -c--a-w c:\windows\system32\dllcache\iexplore.exe
+ 2008-08-22 08:16:40 637,984 -c--a-w c:\windows\system32\dllcache\iexplore.exe
- 2006-10-17 15:57:58 36,352 -c--a-w c:\windows\system32\dllcache\imgutil.dll
+ 2008-08-22 08:05:14 35,840 -c--a-w c:\windows\system32\dllcache\imgutil.dll
- 2006-11-07 07:26:24 92,672 -c--a-w c:\windows\system32\dllcache\inseng.dll
+ 2008-08-22 08:06:16 94,720 -c--a-w c:\windows\system32\dllcache\inseng.dll
- 2008-05-09 10:53:39 512,000 -c----w c:\windows\system32\dllcache\jscript.dll
+ 2008-08-22 08:06:30 552,960 -c--a-w c:\windows\system32\dllcache\jscript.dll
- 2008-08-26 07:24:30 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-22 08:06:58 28,672 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-17 16:05:10 40,960 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
+ 2008-08-22 08:08:00 43,008 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
- 2008-08-26 07:24:30 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-22 08:05:48 580,608 -c--a-w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 07:24:30 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-22 08:05:22 53,760 -c--a-w c:\windows\system32\dllcache\msfeedsbs.dll
- 2006-10-17 15:56:10 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe
+ 2008-08-22 08:04:54 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe
- 2008-08-27 08:24:32 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-22 08:09:32 5,699,584 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-26 07:24:30 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-22 08:05:08 70,656 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
- 2006-10-17 15:28:56 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll
+ 2008-08-22 08:05:00 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll
- 2006-11-08 01:03:36 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll
+ 2008-08-22 07:57:56 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll
- 2008-08-26 07:24:30 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-22 08:07:50 193,536 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 07:24:30 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-22 08:05:34 630,272 -c--a-w c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 07:24:30 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
+ 2008-08-22 08:07:50 116,224 -c--a-w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 07:24:30 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-22 08:05:14 45,056 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-06-12 16:27:52 1,497,088 -c----w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-06-12 16:27:52 474,112 -c----w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-06-12 16:27:56 134,144 -c----w c:\windows\system32\dllcache\sqmapi.dll
- 2008-08-26 07:24:30 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
+ 2008-08-22 08:07:58 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
- 2008-08-26 07:24:31 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-22 08:08:22 1,206,784 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-05-09 10:53:40 430,080 -c----w c:\windows\system32\dllcache\vbscript.dll
+ 2008-08-22 08:06:36 434,176 -c--a-w c:\windows\system32\dllcache\vbscript.dll
- 2007-07-12 23:31:54 765,952 -c--a-w c:\windows\system32\dllcache\vgx.dll
+ 2008-08-22 08:07:20 755,200 -c--a-w c:\windows\system32\dllcache\VGX.dll
- 2008-08-26 07:24:31 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-22 08:08:08 236,544 -c--a-w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:24:31 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-22 08:08:06 878,592 -c--a-w c:\windows\system32\dllcache\wininet.dll
- 2008-08-26 07:24:28 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-22 08:05:16 346,624 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 07:24:28 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-22 08:05:10 217,088 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 07:24:28 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-08-22 08:05:20 61,952 ----a-w c:\windows\system32\icardie.dll
- 2006-06-29 12:05:44 26,112 ------w c:\windows\system32\idndl.dll
+ 2008-06-12 16:27:42 26,112 ----a-w c:\windows\system32\idndl.dll
- 2008-08-25 08:37:59 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-08-22 08:06:24 162,304 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 07:24:28 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-08-22 08:06:36 124,928 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 07:24:28 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-08-22 08:06:40 228,864 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-08-22 08:06:24 163,840 ----a-w c:\windows\system32\ieakui.dll
- 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\system32\ieapfltr.dat
+ 2008-07-30 03:58:08 3,670,112 ----a-w c:\windows\system32\ieapfltr.dat
- 2008-08-26 07:24:28 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-08-22 07:42:22 443,392 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 07:24:29 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-08-22 08:06:44 385,024 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 17:41:15 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-08-22 08:10:34 11,985,408 ----a-w c:\windows\system32\ieframe.dll
- 2006-11-08 01:03:36 191,488 ----a-w c:\windows\system32\iepeers.dll
+ 2008-08-22 08:05:24 186,880 ----a-w c:\windows\system32\iepeers.dll
- 2008-08-26 07:24:29 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-08-22 08:06:20 55,808 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 07:24:29 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-08-22 08:06:02 1,778,688 ----a-w c:\windows\system32\iertutil.dll
- 2006-11-07 07:26:42 55,296 ----a-w c:\windows\system32\iesetup.dll
+ 2008-08-22 08:06:24 71,680 ----a-w c:\windows\system32\iesetup.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-08-22 08:06:24 36,864 ----a-w c:\windows\system32\ieudinit.exe
- 2006-11-08 01:03:36 180,736 ------w c:\windows\system32\ieui.dll
+ 2008-08-22 07:58:12 181,760 ----a-w c:\windows\system32\ieui.dll
- 2006-10-17 15:57:58 36,352 ----a-w c:\windows\system32\imgutil.dll
+ 2008-08-22 08:05:14 35,840 ----a-w c:\windows\system32\imgutil.dll
- 2006-11-07 07:26:24 92,672 ----a-w c:\windows\system32\inseng.dll
+ 2008-08-22 08:06:16 94,720 ----a-w c:\windows\system32\inseng.dll
- 2008-06-10 05:21:01 135,168 ----a-w c:\windows\system32\java.exe
+ 2008-11-29 23:21:47 144,792 ----a-w c:\windows\system32\java.exe
- 2008-06-10 05:21:04 135,168 ----a-w c:\windows\system32\javaw.exe
+ 2008-11-29 23:21:48 144,792 ----a-w c:\windows\system32\javaw.exe
- 2008-06-10 06:32:34 139,264 ----a-w c:\windows\system32\javaws.exe
+ 2008-11-29 23:21:48 148,888 ----a-w c:\windows\system32\javaws.exe
- 2008-05-09 10:53:39 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-08-22 08:06:30 552,960 ----a-w c:\windows\system32\jscript.dll
- 2008-08-26 07:24:30 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-22 08:06:58 28,672 ----a-w c:\windows\system32\jsproxy.dll
- 2006-10-17 16:05:10 40,960 ----a-w c:\windows\system32\licmgr10.dll
+ 2008-08-22 08:08:00 43,008 ----a-w c:\windows\system32\licmgr10.dll
+ 2008-08-05 22:55:38 265,720 ----a-w c:\windows\system32\msdbg2.dll
- 2008-08-26 07:24:30 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-08-22 08:05:48 580,608 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 07:24:30 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-08-22 08:05:22 53,760 ----a-w c:\windows\system32\msfeedsbs.dll
- 2006-10-17 15:58:32 12,288 ------w c:\windows\system32\msfeedssync.exe
+ 2008-08-22 08:05:22 13,312 ----a-w c:\windows\system32\msfeedssync.exe
- 2006-10-17 15:56:10 45,568 ----a-w c:\windows\system32\mshta.exe
+ 2008-08-22 08:04:54 45,568 ----a-w c:\windows\system32\mshta.exe
- 2008-08-27 08:24:32 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-22 08:09:32 5,699,584 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 07:24:30 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-22 08:05:08 70,656 ----a-w c:\windows\system32\mshtmled.dll
- 2006-10-17 15:28:56 48,128 ----a-w c:\windows\system32\mshtmler.dll
+ 2008-08-22 08:05:00 48,128 ----a-w c:\windows\system32\mshtmler.dll
- 2006-11-08 01:03:36 156,160 ----a-w c:\windows\system32\msls31.dll
+ 2008-08-22 07:57:56 156,160 ----a-w c:\windows\system32\msls31.dll
- 2008-08-26 07:24:30 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-22 08:07:50 193,536 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 07:24:30 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-08-22 08:05:34 630,272 ----a-w c:\windows\system32\mstime.dll
- 2006-06-28 21:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
+ 2008-06-12 16:27:44 24,576 ----a-w c:\windows\system32\nlsdl.dll
- 2006-06-29 12:05:44 23,552 ------w c:\windows\system32\normaliz.dll
+ 2008-06-12 16:27:42 23,552 ----a-w c:\windows\system32\normaliz.dll
- 2008-08-26 07:24:30 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-08-22 08:07:50 116,224 ----a-w c:\windows\system32\occache.dll
- 2008-11-28 17:11:36 55,522 ----a-w c:\windows\system32\perfc009.dat
+ 2008-11-30 21:22:27 55,522 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-28 17:11:36 386,598 ----a-w c:\windows\system32\perfh009.dat
+ 2008-11-30 21:22:27 386,598 ----a-w c:\windows\system32\perfh009.dat
- 2008-08-26 07:24:30 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-22 08:05:14 45,056 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-22 08:05:00 48,640 ------w c:\windows\system32\PrivacIE.dll
- 2008-07-08 13:02:01 17,272 ------w c:\windows\system32\spmsg.dll
+ 2008-06-12 16:27:58 16,928 ------w c:\windows\system32\spmsg.dll
- 2007-08-11 00:46:18 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-06-12 16:27:58 26,144 ----a-w c:\windows\system32\spupdsvc.exe
- 2008-08-26 07:24:30 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-08-22 08:07:58 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 07:24:31 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-22 08:08:22 1,206,784 ----a-w c:\windows\system32\urlmon.dll
- 2008-05-09 10:53:40 430,080 ----a-w c:\windows\system32\vbscript.dll
+ 2008-08-22 08:06:36 434,176 ----a-w c:\windows\system32\vbscript.dll
- 2008-08-26 07:24:31 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-08-22 08:08:08 236,544 ----a-w c:\windows\system32\webcheck.dll
- 2006-10-17 16:05:58 206,336 ------w c:\windows\system32\WinFXDocObj.exe
+ 2008-08-22 08:08:22 208,384 ----a-w c:\windows\system32\WinFXDocObj.exe
- 2008-08-26 07:24:31 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-22 08:08:06 878,592 ----a-w c:\windows\system32\wininet.dll
- 2008-04-14 00:12:11 121,856 ------w c:\windows\system32\xmllite.dll
+ 2008-06-12 16:28:02 121,856 ----a-w c:\windows\system32\xmllite.dll
+ 2008-11-30 21:18:20 16,384 ----atw c:\windows\temp\Perflib_Perfdata_190.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\documents and settings\Jackie\Local Settings\Application Data\CyberDefender\cdmyidd.dll" [2008-11-28 3958088]

[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}]
2008-11-28 03:46 3958088 --a------ c:\documents and settings\Jackie\Local Settings\Application Data\CyberDefender\cdmyidd.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\documents and settings\Jackie\Local Settings\Application Data\CyberDefender\cdmyidd.dll" [2008-11-28 3958088]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\documents and settings\Jackie\Local Settings\Application Data\CyberDefender\cdmyidd.dll" [2008-11-28 3958088]

[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"AROReminder"="c:\program files\Advanced Registry Optimizer\aro.exe" [2007-05-23 1798656]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2008-06-10 785520]
"CyberDefender Early Detection Center"="c:\program files\CyberDefender\AntiSpyware\cdase0.exe" [2008-11-28 636232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2004-04-11 290816]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 49152]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 1117184]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2005-04-08 48752]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2005-04-17 85184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-29 136600]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"CyberDefender Early Detection Center"="c:\program files\CyberDefender\AntiSpyware\ISSIntro.exe" [2008-11-28 566600]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 c:\windows\stsystra.exe]

c:\documents and settings\Jackie\Start Menu\Programs\Startup\
Clean Access Agent.lnk - c:\program files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe [2007-12-07 28672]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-08-01 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Ruckus Player\\Ruckus.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\CyberDefender\\AntiSpyware\\cdase0.exe"=

R3 CDAVFS;CDAVFS;c:\windows\system32\DRIVERS\CDAVFS.sys [2008-11-28 67424]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e85ab3d5-ac2b-11dd-80bf-0015c5a88a3c}]
\Shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e85ab3d6-ac2b-11dd-80bf-0015c5a88a3c}]
\Shell\AutoRun\command - setupSNK.exe
.
Contents of the 'Scheduled Tasks' folder

2008-11-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-01 12:34:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(904)
c:\windows\system32\igfxdev.dll
.
Completion time: 2008-12-01 12:35:35
ComboFix-quarantined-files.txt 2008-12-01 17:34:54
ComboFix2.txt 2008-11-29 05:09:54
ComboFix3.txt 2008-11-28 22:17:40
ComboFix4.txt 2008-11-28 17:38:03
ComboFix5.txt 2008-12-01 17:29:02

Pre-Run: 24,698,531,840 bytes free
Post-Run: 24,691,511,296 bytes free

476 --- E O F --- 2008-11-29 23:55:49

Re: backdoor.tidserv virus
Hello.
Looks good, what problems remain?

Re: backdoor.tidserv virus
Pretty much only the same problem I had before: on certain websites, when I type things in, I have a black section while I am typing. I'm not really sure if this should be a concern or not.

Re: backdoor.tidserv virus
Hello.
Do you know where this folder came from?
c:\documents and settings\Jackie\PrivacIE

If not, delete it.

Re: backdoor.tidserv virus
I deleted that, but the problem still seems to be there.

Re: backdoor.tidserv virus
Okay, let me look around the net for an answer.
I will be back shortly, and if not, probably tomorrow.

Re: backdoor.tidserv virus
Thanks for all your help.

Re: backdoor.tidserv virus
Since this issue is resolved, this topic is closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Have we helped you? Help us! | Doctor by day, ninja by night.
