Slow browsing help needed

[tjord0]

I need some help with a slow browsing problem. I have a laptop running XP sp2. I have tried different connections (home DSL, hotel T1, etc) with the same result. Basically pages either half load and hang up, or dont load at all. I have tried IE (6.0) and Firefox (3.0.3) with the same result.

log.txt =

Logfile of random's system information tool 1.04 (written by random/random)
Run by Tim.Jordan at 2008-11-09 09:10:35
Microsoft Windows XP Professional Service Pack 2
System drive C: has 51 GB (66%) free of 76 GB
Total RAM: 2038 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:36 AM, on 11/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ISS\Proventia Desktop\blackd.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe
C:\Program Files\ISS\Proventia Desktop\RapApp.exe
C:\WINDOWS\system32\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ISS\Proventia Desktop\vpatch.exe
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\ISS\Proventia Desktop\RapUISvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\SurfControl\Mobile Filter\scnmui.exe
C:\Program Files\SurfControl\Mobile Filter\scnmclient.exe
C:\Garmin\gStart.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ISS\Proventia Desktop\blackice.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\tim.jordan\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Tim.Jordan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pulse/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://Pulse
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://pulse/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Covidien / Hazelwood
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://intranet.global1.mkg.com/is/ie6/install.ins
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.global1.mkg.com:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.mkg.com;*.mallinckrodt.com;166.95.*;10.*;*.thclearning.com;*.thcg.net;*.ccexcellence.org;*.mededsolutions.org;*.heritage-enviro.com;tahaze-ap24.thcg.net;tahaze-ap22.thcg.net;148.243.35.11;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SurfControl Mobile Filter] C:\Program Files\SurfControl\Mobile Filter\scnmui.exe
O4 - HKCU\..\Run: [NetSP - restore settings on power failure] "C:\Program Files\AT&T Global Network Client\NetSP.exe" -show
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\tim.jordan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - .DEFAULT User Startup: XP Configuration.lnk = XP\XPDP0709\XPDP0709.vbs (User 'Default user')
O4 - Startup: Set Policies.lnk = ?
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Proventia Desktop Agent.lnk = C:\Program Files\ISS\Proventia Desktop\blackice.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://Pulse
O15 - Trusted Zone: http://*.DILBERT
O15 - Trusted Zone: http://*.DSS400
O15 - Trusted Zone: http://*.MFG1001
O15 - Trusted Zone: http://*.MFG1005
O15 - Trusted Zone: http://*.mkg.com
O15 - Trusted Zone: http://*.MSCC400
O15 - Trusted Zone: http://*.S0400003
O15 - Trusted Zone: http://*.S0400004
O15 - Trusted Zone: http://*.STLP400
O15 - Trusted Zone: http://taplea-ap02.thcg.net
O15 - Trusted Zone: http://taplea-ap03.thcg.net
O15 - Trusted Zone: http://*.thcg.net
O15 - Trusted Zone: http://*.DILBERT (HKLM)
O15 - Trusted Zone: http://*.DSS400 (HKLM)
O15 - Trusted Zone: http://*.MFG1001 (HKLM)
O15 - Trusted Zone: http://*.MFG1005 (HKLM)
O15 - Trusted Zone: http://*.mkg.com (HKLM)
O15 - Trusted Zone: http://*.MSCC400 (HKLM)
O15 - Trusted Zone: http://*.S0400003 (HKLM)
O15 - Trusted Zone: http://*.S0400004 (HKLM)
O15 - Trusted Zone: http://*.STLP400 (HKLM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1198015589515
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://attwm.webex.com/client/v_myw...ex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = thcg.net
O17 - HKLM\Software\..\Telephony: DomainName = thcg.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = thcg.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = thcg.net,global1.mkg.com,mkg.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = thcg.net,global1.mkg.com,mkg.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\ISS\Proventia Desktop\blackd.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: SurfControl Mobile Filter Client Service (MFCTDI) - SurfControl plc - C:\Program Files\SurfControl\Mobile Filter\MFCTDI.exe
O23 - Service: Pantech Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\ISS\Proventia Desktop\RapApp.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\StacSV.exe
O23 - Service: ISS Buffer Overflow Exploit Prevention (VPatch) - Internet Security Systems, Inc. - C:\Program Files\ISS\Proventia Desktop\vpatch.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 13815 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-11-07 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-03-17 2554944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-20 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-03-17 2554944]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2004-01-07 110592]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2008-01-24 111952]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-05-16 138008]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2007-10-25 136512]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-05-16 138008]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-05-16 162584]
"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2005-12-09 49152]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-11-07 122940]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2005-10-07 176128]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]
"Acrobat Assistant 7.0"=C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
""= []
"SurfControl Mobile Filter"=C:\Program Files\SurfControl\Mobile Filter\scnmui.exe [2008-06-18 328968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NetSP - restore settings on power failure"=C:\Program Files\AT&T Global Network Client\NetSP.exe [2007-10-29 56600]
"gStart"=C:\Garmin\gStart.exe [2007-08-23 1891416]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-03-17 68856]
"Google Update"=C:\Documents and Settings\tim.jordan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infuzer]
C:\Program Files\Trondent Development Corp\Infuzer\Infuzer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfControl Mobile Filter]
C:\Program Files\SurfControl\Mobile Filter\scnmui.exe [2008-06-18 328968]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-BA7E-100000000002}\SC_Acrobat.exe
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
Proventia Desktop Agent.lnk - C:\Program Files\ISS\Proventia Desktop\blackice.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Documents and Settings\tim.jordan\Start Menu\Programs\Startup
Set Policies.lnk - C:\WINDOWS\i386\MKGFiles\UST\ConfigFiles\Set_XPPolicies.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-05-16 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"Btn_Back"=0
"Btn_Forward"=0
"Btn_Stop"=0
"Btn_Refresh"=0
"Btn_Home"=0
"Btn_Search"=0
"Btn_History"=0
"Btn_Favorites"=0
"Btn_Media"=2
"SpecifyDefaultButtons"=1
"Btn_Folders"=0
"Btn_Fullscreen"=0
"Btn_Tools"=2
"Btn_MailNews"=2
"Btn_Size"=0
"Btn_Print"=0
"Btn_Edit"=2
"Btn_Discussions"=2
"Btn_Cut"=0
"Btn_Copy"=0
"Btn_Paste"=0
"Btn_Encoding"=2
"Btn_PrintPreview"=0
"NoActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoDesktop"=0
"NoFavoritesMenu"=0
"NoFind"=0
"NoRun"=0
"NoSetActiveDesktop"=0
"NoFolderOptions"=0
"NoLogoff"=0
"NoClose"=0
"NoSetFolders"=0
"NoTrayContextMenu"=0
"NoViewContextMenu"=0
"EnforceShellExtensionSecurity"=0
"NoDrives"=0
"NoManageMyComputerVerb"=1
"NoSharedDocuments"=1
"MaxRecentDocs"=15
"NoStartMenuMyMusic"=1
"NoSMMyPictures"=1
"ForceStartMenuLogOff"=1
"Intellimenus"=1
"NoAutoTrayNotify"=1
"NoSMBalloonTip"=1
"NoSMConfigurePrograms"=1
"NoDesktopCleanupWizard"=1
"ForceClassicControlPanel"=1
"NoWelcomeScreen"=1
"NoAutoUpdate"=1
"NoPublishingWizard"=1
"NoWebServices"=1
"NoOnlinePrintsWizard"=1
"NoWindowsUpdate"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoMSAppLogo5ChannelNotify"=
"NoToolbarCustomize"=
"NoBandCustomize"=
"NoWelcomeScreen"=
"NoPublishingWizard"=
"NoWebServices"=
"NoOnlinePrintsWizard"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3eee994-6961-11dd-840e-001c2336c8a7}]
shell\AutoRun\command - E:\LapNetWizard.exe


======List of files/folders created in the last 1 months======

2008-11-09 09:10:35 ----D---- C:\rsit
2008-11-08 23:38:07 ----D---- C:\Program Files\Lavasoft
2008-11-08 23:38:07 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-08 23:37:38 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-08 23:27:24 ----D---- C:\Program Files\Trend Micro
2008-11-03 1355 ----D---- C:\Program Files\SurfControl
2008-11-03 1354 ----D---- C:\Documents and Settings\All Users\Application Data\SurfControl
2008-11-03 08:39:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-03 08:39:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-03 08:39:44 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-03 08:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-03 08:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-03 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-30 21:30:56 ----D---- C:\Documents and Settings\tim.jordan\Application Data\Move Networks
2008-10-25 11:00:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-24 11:55:49 ----D---- C:\Documents and Settings\tim.jordan\Application Data\webex
2008-10-22 20:54:52 ----D---- C:\Documents and Settings\tim.jordan\Application Data\Trondent Development Corp

======List of files/folders modified in the last 1 months======

2008-11-09 09:04:11 ----D---- C:\Program Files\Mozilla Firefox
2008-11-09 08:37:47 ----D---- C:\WINDOWS
2008-11-09 08:02:24 ----D---- C:\WINDOWS\Temp
2008-11-09 07:48:38 ----D---- C:\WINDOWS\system32
2008-11-09 07:48:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-09 07:44:33 ----A---- C:\WINDOWS\SMSCFG.ini
2008-11-09 00:00:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-08 23:39:16 ----SHD---- C:\WINDOWS\Installer
2008-11-08 23:38:07 ----RD---- C:\Program Files
2008-11-08 23:38:07 ----D---- C:\WINDOWS\system32\drivers
2008-11-08 23:37:38 ----D---- C:\Program Files\Common Files
2008-11-08 23:34:22 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-08 23:14:54 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-11-08 15:48:04 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-08 15:48:03 ----HD---- C:\WINDOWS\inf
2008-11-08 15:44:58 ----D---- C:\Program Files\Citrix
2008-11-08 15:42:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-08 15:40:04 ----D---- C:\Program Files\Amazon
2008-11-08 10:05:55 ----D---- C:\Documents and Settings\tim.jordan\Application Data\U3
2008-11-08 10:04:51 ----D---- C:\WINDOWS\Prefetch
2008-11-08 01:54:15 ----A---- C:\WorkingPath.txt
2008-11-07 16:05:20 ----D---- C:\Documents and Settings\tim.jordan\Application Data\Skype
2008-11-07 12:30:12 ----D---- C:\Logs
2008-11-07 10:28:05 ----A---- C:\WINDOWS\ModemLog_PANTECH PC Card (UDP).txt
2008-11-07 09:25:52 ----D---- C:\Documents and Settings\tim.jordan\Application Data\skypePM
2008-11-04 20:24:33 ----D---- C:\Quarantine
2008-11-03 08:50:05 ----D---- C:\WINDOWS\system32\VPCache
2008-11-03 08:48:00 ----A---- C:\PSTInfo.txt
2008-11-03 08:45:23 ----D---- C:\WINDOWS\system32\wbem
2008-11-03 08:39:56 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-03 08:39:54 ----A---- C:\WINDOWS\imsins.BAK
2008-11-03 08:39:23 ----A---- C:\WINDOWS\win.ini
2008-11-03 08:37:30 ----D---- C:\Program Files\Internet Explorer
2008-11-02 15:28:25 ----RASH---- C:\boot.ini
2008-11-02 15:28:24 ----A---- C:\WINDOWS\system.ini
2008-10-27 10:29:10 ----D---- C:\Program Files\Common Files\Adobe
2008-10-27 09:59:06 ----RSD---- C:\WINDOWS\Fonts
2008-10-27 09:56:57 ----D---- C:\Program Files\Adobe
2008-10-26 10:28:44 ----SHD---- C:\WINDOWS\CSC
2008-10-24 11:55:22 ----A---- C:\WINDOWS\system32\atasnt40.dll
2008-10-24 11:55:20 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-22 20:54:44 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-15 11:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-14 15:39:55 ----SD---- C:\WINDOWS\Tasks
2008-10-11 01:36:50 ----D---- C:\Documents and Settings\All Users\Application Data\Logishrd

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\mfetdik.sys [2008-01-24 52104]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R1 wstdi;wstdi; C:\WINDOWS\System32\Drivers\wstdixp.sys [2008-06-12 43776]
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-11-07 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-11-07 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-11-07 86652]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-11-07 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-11-07 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-11-07 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-11-07 94332]
R2 drvnddm;drvnddm; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2005-09-28 113847]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2005-06-29 110080]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-11-02 989696]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-11-02 209152]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-16 5707744]
R3 idisw2km;idisw2km; C:\WINDOWS\system32\DRIVERS\idisw2km.sys [2007-05-31 8992]
R3 kbstuff;SMS Virtual Keyboard; C:\WINDOWS\system32\DRIVERS\kbstuff5.sys [2007-05-31 11744]
R3 MakoNT;MakoNT; C:\WINDOWS\system32\drivers\isskboep.sys [2007-09-04 80512]
R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2008-01-24 64232]
R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2008-01-24 72936]
R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2008-01-24 33960]
R3 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2008-01-24 171400]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 prepdrvr;SMS Process Event Driver; \??\C:\WINDOWS\system32\CCM\prepdrv.sys []
R3 rap;rap; C:\WINDOWS\System32\drivers\RapDrv.sys [2007-09-04 50163]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-04-10 41856]
R3 USBCCID;USB Smart Card reader; C:\WINDOWS\system32\DRIVERS\usbccid.sys [2005-05-13 28672]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-10-25 27264]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-02-20 58240]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-11-02 730112]
R4 black;black; C:\WINDOWS\System32\drivers\BlackCat.sys [2007-09-04 205938]
S3 CSRBC;CSRBC.Sys CSR test driver; C:\WINDOWS\System32\Drivers\csrbcxp.sys [2007-01-16 31744]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2005-05-17 5315]
S3 cxbu0wdm;CardMan 6121; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2008-04-30 91008]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-03-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-03-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-03-22 21744]
S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2005-12-01 192512]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 PTDCBus;PANTECH PC Card Composite Device Driver (UDP); C:\WINDOWS\system32\DRIVERS\PTDCBus.sys [2007-01-11 24832]
S3 PTDCMdm;PANTECH PC Card Drivers (UDP); C:\WINDOWS\system32\DRIVERS\PTDCMdm.sys [2007-01-11 39424]
S3 PTDCVsp;PANTECH PC Card Diagnostic Serial Port (UDP); C:\WINDOWS\system32\DRIVERS\PTDCVsp.sys [2007-01-11 37760]
S3 RapFile;RapFile; \??\C:\WINDOWS\system32\drivers\RapFile.sys []
S3 RapNet;RapNet; \??\C:\WINDOWS\system32\drivers\RapNet.sys []
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-23 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2006-11-22 53504]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 BlackICE;BlackICE; C:\Program Files\ISS\Proventia Desktop\blackd.exe [2007-09-04 2081034]
R2 CcmExec;SMS Agent Host; C:\WINDOWS\system32\CCM\CcmExec.exe [2007-04-13 590712]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2005-11-04 1516584]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-20 168432]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2007-10-25 103744]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe [2008-01-24 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [2008-01-24 54608]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MFCTDI;SurfControl Mobile Filter Client Service; C:\Program Files\SurfControl\Mobile Filter\MFCTDI.exe [2008-06-18 410888]
R2 MSSQLSERVER;MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [2002-12-17 7520337]
R2 Pantech Utility Service;Pantech Utility Service; C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe [2007-02-24 155648]
R2 RapApp;RapApp; C:\Program Files\ISS\Proventia Desktop\RapApp.exe [2007-09-04 1274122]
R2 STacSV;SigmaTel Audio Service; C:\WINDOWS\system32\StacSV.exe [2007-05-10 94208]
R2 VPatch;ISS Buffer Overflow Exploit Prevention; C:\Program Files\ISS\Proventia Desktop\vpatch.exe [2007-09-04 405770]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2006-11-01 20480]
R2 Wuser32;SMS Remote Control Agent; C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe [2007-05-31 241664]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 Cwbrxd;iSeries Access for Windows Remote Command; C:\WINDOWS\CWBRXD.EXE [2007-03-05 65585]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 netcfgsvr;Network Configuration Service; C:\Program Files\AT&T Global Network Client\netcfgsvr.exe [2007-10-29 501016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

[Billy O'Neal]

Hello, tjord0
Welcome to TSF

My name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)
Please give me some time to look over your computer's log(s).
Please take note of the following:

• In the meantime, please refrain from making any changes to your computer.
• Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. :)
• If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
• Finally, please reply using the button in the lower left hand corner of your screen.
• Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave, and if there is no contact for that amount of time I will have to assume you have "vanished" .

We need to run a Scan with DDS

1. Please download DDS, and save it to your desktop, from one of the following mirrors:
   • This is a mirror
   • This is another mirror
2. Disable any type of "Script Blockers" or "Script Protection" installed on your system.
3. Double click on your desktop.
4. If prompted by any script blocking tools, please allow any actions taken by DDS.
5. When prompted to preform an Optional Scan, please select
6. Two reports will open. Please reply with the generated reports:
   • DDS.txt <-- Copy and paste into your next post
   • Attach.txt <-- Attach to your next post

We need to scan for Rootkits with GMER

1. Please download GMER from one of the following mirrors:
   • This is the Primary mirror
   • This is a Secondary mirror
   • This is a Secondary mirror
2. Close any and all open programs, as this process may crash your computer.
3. Unzip the downloaded file to your desktop.
4. Double click on your desktop.
5. Allow the gmer.sys driver to load if asked.
6. You may see this window. If you do, click No.
   
7. Click on and wait for the scan to finish.
8. If you see a rootkit warning window, click OK.
9. Push and save the logfile to your desktop.
10. Copy and Paste the contents of that file in your next post.

In your next reply, please include the following:

• DDS.txt
• Attach.txt
• GMER's Log

Billy3

[tjord0]

Thanks Billy, but that was a month ago. I have resolved the issue. Thanks anyway.

[Billy O'Neal]

Hello, tjord0
Since this issue appears resolved, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

http://www.techsupportforum.com/secu...oval-help.html

Billy3