Mike,
Ran the SDFix program. Here is the log file:
SDFix: Version 1.240
Run by paul schneeweiss on Mon 11/24/2008 at 09:32 AM
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-11-24 09:47:03
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled
xpsp2res.dll,-22019"
"C:\\Program Files\\eSignal\\winros.exe"="C:\\Program Files\\eSignal\\winros.exe:*:Enabled:eSignal Data Manager"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled
xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
Remaining Files :
Files with Hidden Attributes :
Thu 29 Aug 2002 24,448 A.SHR --- "C:\NTBOOTDD.SYS"
Wed 10 Jan 2007 30,720 ...HR --- "C:\WINDOWS\CdaC13BA.EXE"
Wed 10 Jan 2007 112,128 ...HR --- "C:\WINDOWS\CdaC14BA.DLL"
Fri 22 Aug 2008 637,984 A.SH. --- "C:\Program Files\Internet Explorer\iexplore.exe"
Sun 13 Apr 2008 1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll"
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
Sat 5 Aug 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 12 Sep 2008 20,487 A.SHR --- "C:\Program Files\McAfee\MQC\MRU.bak"
Fri 12 Sep 2008 265 A.SHR --- "C:\Program Files\McAfee\MQC\qcconf.bak"
Mon 13 Aug 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Thu 21 Dec 2006 19,762,176 ...H. --- "C:\Documents and Settings\paul schneeweiss\My Documents\ArborHomeBldrs\~WRL0005.tmp"
Thu 4 Jan 2007 2,050,048 ...H. --- "C:\Documents and Settings\paul schneeweiss\My Documents\ArborHomeBldrs\~WRL2070.tmp"
Tue 4 Nov 2008 19,456 ...H. --- "C:\Documents and Settings\paul schneeweiss\My Documents\ArborWest\~WRL0332.tmp"
Tue 4 Nov 2008 19,456 ...H. --- "C:\Documents and Settings\paul schneeweiss\My Documents\ArborWest\~WRL1234.tmp"
Tue 4 Nov 2008 19,456 ...H. --- "C:\Documents and Settings\paul schneeweiss\My Documents\ArborWest\~WRL1591.tmp"
Tue 4 Nov 2008 19,968 ...H. --- "C:\Documents and Settings\paul schneeweiss\My Documents\ArborWest\~WRL3575.tmp"
Tue 4 Nov 2008 19,456 ...H. --- "C:\Documents and Settings\paul schneeweiss\My Documents\ArborWest\~WRL3992.tmp"
Mon 13 Nov 2006 319,456 A..H. --- "C:\Program Files\Common Files\Motorola Shared\MotPCSDrivers\difxapi.dll"
Tue 4 Nov 2008 19,456 ...H. --- "C:\Documents and Settings\paul schneeweiss\Application Data\Microsoft\Word\~WRL0004.tmp"
Finished!
Thanks for your help. What next? Internet explorer still slow to load and 2 instances of iexplore.exe still in task manager.