IE running in background

Discussion in 'Virus & Other Malware Removal' started by TheTaxGuy, Dec 27, 2012.

Thread Status:
Not open for further replies.
  1. TheTaxGuy

    TheTaxGuy Thread Starter

    Joined:
    Dec 27, 2012
    Messages:
    2
    Hi,

    Internet Explorer keeps running in the background. I end the process in Task Manager and, within seconds, it reopens again.

    On the 24th my computer got infected with a virus, which I think AVG caught part of but not everything. Since then, it's been reporting a couple of Trojan Horse viruses.

    I've followed the instructions in the "Everyone MUST read this BEFORE posting for help in this forum" posting and I've attached the files to this message.

    I found a similar thread on these forums from last year that was solved, so I'm hoping you folks will be able to help me fix this one as well.

    If you need any more information just let me know.

    Thanks in advance,
    The Tax Guy
     

  2. TheTaxGuy

    I re-read the instructions about submitting initial log files and I see that I should have pasted all the info into the posting, rather than attach it...so here it is.

    HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:41:52 AM, on 12/27/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
    C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Common Files\Apricorn\Schedule2\schedul2.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2013\avgidsagent.exe
    C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AVG\AVG2013\avgnsx.exe
    C:\Program Files\AVG\AVG2013\avgemcx.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Apricorn\EZ Gig II\EZGigMonitor.exe
    C:\Program Files\Apricorn\EZ Gig II\TimounterMonitor.exe
    C:\Program Files\Common Files\Apricorn\Schedule2\schedhlp.exe
    C:\Program Files\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Motorola Mobility\MotoCast\MotoCast.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files\Intuit\QuickBooks 2008\QBW32.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Documents and Settings\rpryor\Application Data\Dropbox\bin\Dropbox.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\rpryor\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=laptop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.isp.netscape.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [EZGigMonitor.exe] C:\Program Files\Apricorn\EZ Gig II\EZGigMonitor.exe
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Apricorn\EZ Gig II\TimounterMonitor.exe
    O4 - HKLM\..\Run: [Apricorn Scheduler Service] "C:\Program Files\Common Files\Apricorn\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
    O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
    O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [wipsrf] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\rpryor\Application Data\wipsrf.dll",DelItemString
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
    O4 - HKCU\..\Run: [TaskScheduler] C:\Program Files\ProSeries11\32bit\tasksch.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\rpryor\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [MotoCast] "C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk"
    O4 - S-1-5-18 Startup: Dropbox.lnk = C:\Documents and Settings\rpryor\Application Data\Dropbox\bin\Dropbox.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Dropbox.lnk = C:\Documents and Settings\rpryor\Application Data\Dropbox\bin\Dropbox.exe (User 'Default user')
    O4 - Startup: Dropbox.lnk = C:\Documents and Settings\rpryor\Application Data\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: DesktopPlus.lnk = C:\Program Files\DesktopPlus\dp.exe
    O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2008\QBW32.EXE
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=laptop
    O15 - Trusted Zone: http://mail.qthink.com
    O15 - Trusted Zone: www.refund-advantage.com
    O15 - Trusted Zone: http://www.refund-advantage.com
    O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://192.168.1.5:4343/officescan/console/ClientInstall/WinNTChk.cab
    O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://192.168.1.5:4343/officescan/console/ClientInstall/setup.cab
    O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://www.refund-advantage.com/pcheck041911/smsx.cab
    O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://192.168.1.5:4343/officescan/console/ClientInstall/RemoveCtrl.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1351812397085
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = qthink.com
    O17 - HKLM\Software\..\Telephony: DomainName = qthink.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = qthink.com
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = qthink.com
    O18 - Protocol: bw+0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
    O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
    O18 - Protocol: intu-help-qb5 - {867FCB77-9823-4CD6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
    O18 - Protocol: offline-8876480 - {1997C822-2018-45A2-B907-5FC0F190B252} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Apricorn Scheduler Service (AcrSch2Svc) - Apricorn - C:\Program Files\Common Files\Apricorn\Schedule2\schedul2.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Amazon Download Agent - Amazon.com - C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: DeviceMonitorService - Nero AG - C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
    O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: Intuit Fuse Service - Intuit - C:\Program Files\Common Files\Intuit\Fuse\Service\Intuit Fuse Service.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
    O23 - Service: QBIDPService (QBVSS) - Intuit Inc. - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
    O23 - Service: QuickBooksDB22 - Intuit, Inc. - C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 28035 bytes

    ==============================================================================
    contents of the dds.txt:

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
    Run by rpryor at 9:44:25 on 2012-12-27
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1024 [GMT -8:00]
    .
    AV: AVG update module *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Common Files\Apricorn\Schedule2\schedul2.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Apricorn\EZ Gig II\EZGigMonitor.exe
    C:\Program Files\Apricorn\EZ Gig II\TimounterMonitor.exe
    C:\Program Files\Common Files\Apricorn\Schedule2\schedhlp.exe
    C:\Program Files\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Motorola Mobility\MotoCast\MotoCast.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files\Intuit\QuickBooks 2008\QBW32.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Documents and Settings\rpryor\Application Data\Dropbox\bin\Dropbox.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\rpryor\Desktop\HijackThis.exe
    C:\Program Files\XEmacs\XEmacs-21.4.13\i586-pc-win32\xemacs.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\System32\svchost.exe -k NetworkService
    C:\WINDOWS\System32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.isp.netscape.com/
    uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=laptop
    dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
    uRun: [RecordNow!] <no file>
    mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
    mRun: [ATIModeChange] Ati2mdxx.exe
    mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
    mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
    mRun: [eabconfg.cpl] c:\program files\hpq\quick launch buttons\EabServr.exe /Start
    mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
    mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
    mRun: [AGRSMMSG] AGRSMMSG.exe
    mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
    mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
    mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [EZGigMonitor.exe] c:\program files\apricorn\ez gig ii\EZGigMonitor.exe
    mRun: [AcronisTimounterMonitor] c:\program files\apricorn\ez gig ii\TimounterMonitor.exe
    mRun: [Apricorn Scheduler Service] "c:\program files\common files\apricorn\schedule2\schedhlp.exe"
    mRun: [AmazonGSDownloaderTray] c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderTray.exe
    mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
    mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [wipsrf] "c:\windows\system32\rundll32.exe" "c:\documents and settings\rpryor\application data\wipsrf.dll",DelItemString
    StartupFolder: c:\docume~1\rpryor\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\rpryor\application data\dropbox\bin\Dropbox.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\deskto~1.lnk - c:\program files\desktopplus\dp.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\intuit~1.lnk - c:\program files\common files\intuit\dataprotect\IntuitDataProtect.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~2.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\intuit\quickbooks 2008\QBW32.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {00134F72-5284-44F7-95A8-52A619F70751} - hxxps://192.168.1.5:4343/officescan/console/ClientInstall/WinNTChk.cab
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
    DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} - hxxps://192.168.1.5:4343/officescan/console/ClientInstall/setup.cab
    DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://www.refund-advantage.com/pcheck041911/smsx.cab
    DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} - hxxps://192.168.1.5:4343/officescan/console/ClientInstall/RemoveCtrl.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1351812397085
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
    DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
    DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
    TCP: NameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{4D9D1EC3-FC94-4C57-9ABE-1DBFAF15781E} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{DEB3ECC2-BD3C-440E-AC72-5ABDEF1FEC34} : DHCPNameServer = 75.75.75.75 75.75.76.76
    Handler: bw+0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw+0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw-0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw-0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw00 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw00s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw10 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw10s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw20 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw20s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw30 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw30s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw40 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw40s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw50 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw50s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw60 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw60s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw70 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw70s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw80 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw80s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw90 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw90s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwa0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwa0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwb0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwb0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwc0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwc0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwd0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwd0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwe0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwe0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwf0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwf0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
    Handler: bwg0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwg0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwh0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwh0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwi0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwi0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwj0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwj0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwk0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwk0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwl0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwl0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwm0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwm0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwn0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwn0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwo0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwo0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwp0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwp0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwq0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwq0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwr0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwr0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bws0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bws0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwt0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwt0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwu0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwu0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwv0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwv0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bww0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bww0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwx0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwx0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwy0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwy0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwz0 - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwz0s - {1997c822-2018-45a2-b907-5fc0f190b252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
    Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
    Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    Handler: offline-8876480 - {1997C822-2018-45A2-B907-5FC0F190B252} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    LSA: Authentication Packages = msv1_0 relog_ap
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\rpryor\application data\mozilla\firefox\profiles\tfpmzgwy.default\
    FF - prefs.js: browser.startup.homepage - hxxp://isp.netscape.com
    FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
    FF - component: c:\program files\avg\avg10\toolbar\firefox\[email protected]\components\IGeared_tavgp_xputils3.dll
    FF - component: c:\program files\avg\avg10\toolbar\firefox\[email protected]\components\IGeared_tavgp_xputils35.dll
    FF - component: c:\program files\avg\avg10\toolbar\firefox\[email protected]\components\xpavgtbapi.dll
    FF - plugin: c:\documents and settings\rpryor\local settings\application data\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPCltInst11.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    FF - plugin: c:\windows\system32\npwmsdrm.dll
    FF - ExtSQL: 2012-12-06 11:06; [email protected]; c:\documents and settings\rpryor\application data\mozilla\firefox\profiles\tfpmzgwy.default\extensions\[email protected]
    FF - ExtSQL: !HIDDEN! 2010-11-30 10:23; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - ExtSQL: !HIDDEN! 2012-12-24 01:12; {53052064-84d3-4400-8f5c-97ad68ba50fa}; c:\documents and settings\rpryor\application data\mozilla\firefox\profiles\tfpmzgwy.default\extensions\{53052064-84d3-4400-8f5c-97ad68ba50fa}.xpi
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.BabylonToolbar.autoRvrt - false
    FF - user.js: extensions.BabylonToolbar_i.newTab - false
    FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
    FF - user.js: extensions.BabylonToolbar.id - 1d34c00000000000000000904b92937f
    FF - user.js: extensions.BabylonToolbar.instlDay - 15576
    FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6
    FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.616:20:43
    FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
    FF - user.js: extensions.BabylonToolbar.instlRef - sst
    FF - user.js: extensions.BabylonToolbar.dfltLng - en
    FF - user.js: extensions.BabylonToolbar.excTlbr - false
    FF - user.js: extensions.BabylonToolbar.admin - false
    FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110795&tt=200812_67a_3412_4
    FF - user.js: extensions.BabylonToolbar_i.babExt -
    FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 55776]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 177376]
    R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 93536]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 35552]
    R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 179936]
    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 19936]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 159712]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-2-22 164832]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
    R2 DeviceMonitorService;DeviceMonitorService;c:\program files\motorola media link\lite\NServiceEntry.exe [2012-9-7 87992]
    R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2011-12-6 1248256]
    R3 btwsecfl;Bluetooth USB Security Filter;c:\windows\system32\drivers\btwsecfl.sys [2012-12-11 93480]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2010-6-30 401920]
    S3 Intuit Fuse Service;Intuit Fuse Service;c:\program files\common files\intuit\fuse\service\Intuit Fuse Service.exe [2011-1-27 72704]
    S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-3-10 24216]
    S3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\drivers\motoandroid.sys [2012-12-5 25856]
    S3 QuickBooksDB22;QuickBooksDB22;c:\progra~1\intuit\quickb~1\qbdbmgrn.exe -hvquickbooksdb22 --> c:\progra~1\intuit\quickb~1\QBDBMgrN.exe -hvQuickBooksDB22 [?]
    S3 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys --> c:\windows\system32\drivers\wdcsam.sys [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile="c:\program files\xemacs\xemacs-21.4.13\i586-pc-win32\xemacs.exe"
    ShellExec: xemacs.exe: open="c:\program files\xemacs\xemacs-21.4.13\i586-pc-win32\xemacs.exe"
    .
    =============== Created Last 30 ================
    .
    .
    ==================== Find3M ====================
    .
    2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-12 07:06:18 697272 ------w- c:\windows\system32\FlashPlayerApp.exe
    2012-12-12 07:06:17 73656 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
    2012-11-05 09:02:40 200192 ------w- c:\windows\system32\bzpdf.dll
    2012-11-05 09:02:40 139264 ------w- c:\windows\system32\bzpdfc.dll
    2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-11-01 12:17:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
    2012-10-25 11:12:26 94208 ------w- c:\windows\system32\QuickTimeVR.qtx
    2012-10-25 11:12:26 69632 ------w- c:\windows\system32\QuickTime.qts
    2012-10-22 21:02:46 179936 ------w- c:\windows\system32\drivers\avgidsdriverx.sys
    2012-10-15 11:48:52 55776 ------w- c:\windows\system32\drivers\avgidshx.sys
    2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
    2012-10-02 10:30:38 159712 ------w- c:\windows\system32\drivers\avgldx86.sys
    .
    ============= FINISH: 9:46:09.23 ===============

    ===============================================================================

    attach.txt:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/11/2004 1:06:35 AM
    System Uptime: 12/27/2012 8:11:29 AM (1 hours ago)
    .
    Motherboard: Hewlett-Packard | | 0898
    Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | JP8 | 2800/mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 95 GiB total, 38.723 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 233 GiB total, 93.224 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1833: 11/24/2012 12:40:31 AM - System Checkpoint
    RP1834: 11/25/2012 1:37:10 AM - System Checkpoint
    RP1835: 11/26/2012 1:39:54 AM - System Checkpoint
    RP1836: 11/27/2012 2:36:59 AM - System Checkpoint
    RP1837: 11/28/2012 3:32:41 AM - System Checkpoint
    RP1838: 11/29/2012 4:28:20 AM - System Checkpoint
    RP1839: 11/30/2012 5:23:58 AM - System Checkpoint
    RP1840: 12/1/2012 6:19:43 AM - System Checkpoint
    RP1841: 12/2/2012 7:15:10 AM - System Checkpoint
    RP1842: 12/3/2012 8:10:53 AM - System Checkpoint
    RP1843: 12/4/2012 10:59:17 AM - System Checkpoint
    RP1844: 12/5/2012 11:38:47 AM - System Checkpoint
    RP1845: 12/5/2012 7:32:22 PM - Installed MotoCast
    RP1846: 12/5/2012 7:40:44 PM - Installed Windows XP Wdf01007.
    RP1847: 12/6/2012 10:28:02 AM - Software Distribution Service 3.0
    RP1848: 12/7/2012 2:40:05 PM - System Checkpoint
    RP1849: 12/8/2012 3:21:10 PM - System Checkpoint
    RP1850: 12/9/2012 4:17:04 PM - System Checkpoint
    RP1851: 12/10/2012 4:38:58 PM - System Checkpoint
    RP1852: 12/11/2012 10:52:45 AM - Installed Bluetooth Software
    RP1853: 12/12/2012 8:50:12 AM - Software Distribution Service 3.0
    RP1854: 12/13/2012 9:03:19 AM - System Checkpoint
    RP1855: 12/14/2012 5:27:25 PM - System Checkpoint
    RP1856: 12/15/2012 5:32:08 PM - System Checkpoint
    RP1857: 12/16/2012 6:27:58 PM - System Checkpoint
    RP1858: 12/17/2012 7:22:12 PM - System Checkpoint
    RP1859: 12/18/2012 8:16:29 PM - System Checkpoint
    RP1860: 12/19/2012 9:09:58 PM - System Checkpoint
    RP1861: 12/20/2012 10:05:45 PM - System Checkpoint
    RP1862: 12/21/2012 2:15:44 PM - Software Distribution Service 3.0
    RP1863: 12/22/2012 2:43:54 PM - System Checkpoint
    RP1864: 12/23/2012 3:36:38 PM - System Checkpoint
    RP1865: 12/24/2012 4:14:32 PM - System Checkpoint
    RP1866: 12/25/2012 5:10:47 PM - System Checkpoint
    RP1867: 12/26/2012 6:37:21 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    32 Bit HP CIO Components Installer
    Adobe AIR
    Adobe Digital Editions
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Flash Player 9 ActiveX
    Adobe Reader X (10.1.4)
    Agere Systems AC'97 Modem
    ALZip
    Amazon Games & Software Downloader
    AnswerWorks 4.0 Runtime - English
    AnswerWorks 5.0 English Runtime
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Apricorn EZ Gig II
    ATI Control Panel
    ATI Display Driver
    AVG 2013
    Bonjour
    Bullzip PDF Printer 9.2.0.1499
    Business Contacts for Pocket PC
    CDDRV_Installer
    Compatibility Pack for the 2007 Office system
    Critical Update for Windows Media Player 11 (KB959772)
    DesktopPlus
    Document eSort Components
    Dropbox
    EntlClnt
    Epson Event Manager
    Epson FAX Utility
    Epson PC-FAX Driver
    EPSON Scan
    EPSON WorkForce 630 Series Printer Uninstall
    EpsonNet Print
    EpsonNet Setup 3.3
    Family Tree Maker 2010
    Fighting Steel
    Fighting Steel - Scenario Editor
    Fighting Steel - Scenario Editor (C:\Program Files\SSI\Fighting Steel\)
    FileZilla Client 3.2.6.1
    GdiplusUpgrade
    GoldWave v5.67
    Google Chrome
    GoToMeeting 5.1.0.880
    Hotfix 2055 for SQL Server 2000 ENU (KB960082)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Deskjet Preloaded Printer Drivers
    HP Help and Support
    HP Install Network Printer Wizard
    HP PSC & OfficeJet 3.5
    HP Update
    HpSdpAppCoreApp
    iLinc 11 Client
    Indeo® software
    InterVideo WinDVD
    Intuit Entitlement Client
    iSEEK AnswerWorks English Runtime
    iStockphoto.PowerPointAddIn
    iTunes
    Java 7 Update 9
    Java Auto Updater
    join.me
    KhalInstallWrapper
    Logitech Desktop Messenger
    Logitech SetPoint
    Macromedia Flash Player 8
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft ActiveSync
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft IntelliPoint 6.01
    Microsoft IntelliType Pro 6.01
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2003 Primary Interop Assemblies
    Microsoft Office Access 2003
    Microsoft Office File Validation Add-In
    Microsoft Office Outlook 2003 with Business Contact Manager Update
    Microsoft Office Project Standard 2003
    Microsoft Office Small Business Edition 2003
    Microsoft Office Visio Viewer 2003 (English)
    Microsoft Office XP Web Components
    Microsoft Primary Interoperability Assemblies 2005
    Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual Studio 2005 Tools for Office Runtime
    Microsoft WSE 3.0
    MotoCast
    Motorola Device Manager
    MOTOROLA MEDIA LINK
    Motorola Mobile Drivers Installation 5.9.0
    Mozilla Firefox 17.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    MyPhoneExplorer
    NX Client Fonts 100dpi
    NX Client Fonts 75dpi
    NX Client Fonts Misc
    NX Client Fonts Others
    NX Client for Windows 3.2.0-10
    OGA Notifier 2.0.0048.0
    overland
    PCI 1620 Cardbus Controller and Software
    ProSeries 2004
    ProSeries 2005
    ProSeries 2006
    ProSeries 2007
    ProSeries 2008
    ProSeries 2009
    ProSeries 2010
    ProSeries 2011
    ProSeries Basic Edition 2004
    ProSeries Basic Edition 2005
    ProSeries Basic Edition 2006
    ProSeries Basic Edition 2007
    ProSeries Basic Edition 2008
    ProSeries Basic Edition 2009
    ProSeries Basic Edition 2010
    ProSeries Basic Edition 2011
    ProSeries Basic User's Guide 2011
    ProSeries User's Guide 2011
    PuTTY version 0.60
    Quick Launch Buttons 5.10 B5
    QuickBooks
    QuickBooks Connection Diagnostic Tool
    QuickBooks File Doctor
    QuickBooks Pro 2012
    Quicken 2012
    Quicken Converter
    QuickTime
    RecordNow!
    Refund Advantage 2011
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB2722913)
    Security Update for Windows Internet Explorer 8 (KB2744842)
    Security Update for Windows Internet Explorer 8 (KB2761465)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Encoder (KB2447961)
    Security Update for Windows Media Encoder (KB954156)
    Security Update for Windows Media Encoder (KB979332)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2753842)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Sonic Update Manager
    SoundMAX
    StampManage 2009
    SupportSoft Assisted Service
    TablEdit 2.69
    thinkorswim
    TI1620/1520
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Windows (KB971513)
    Update for Windows Internet Explorer 8 (KB971180)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB943729)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Virtual Fretboard
    Visual Studio 2005 Tools for Office Second Edition Runtime
    Visual Studio Tools for the Office system 3.0 Runtime
    WebEx
    WebFldrs XP
    WebM Project Directshow Filters
    WexTech AnswerWorks
    WIDCOMM Bluetooth Software
    Windows 7 Upgrade Advisor
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage v1.3.0254.0
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Encoder 9 Series
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Search 4.0
    Windows XP Service Pack 3
    XEmacs
    Xiph.Org Open Codecs 0.85.17777
    Xtranormal - TTS Engine
    Xtranormal Desktop
    Yahoo! Detect
    zipForm6
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/22/2012 5:46:29 AM, error: Dhcp [1002] - The IP address lease 192.168.30.109 for the Network Card with network address 00904B92937F has been denied by the DHCP server 192.168.30.1 (The DHCP Server sent a DHCPNACK message).
    12/22/2012 5:46:19 AM, error: Dhcp [1002] - The IP address lease 192.168.30.108 for the Network Card with network address 000FB00E1633 has been denied by the DHCP server 192.168.30.1 (The DHCP Server sent a DHCPNACK message).
    12/20/2012 2:04:42 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
    12/20/2012 2:03:48 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
    12/20/2012 10:04:03 PM, error: NETLOGON [5719] - No Domain Controller is available for domain QTHINK due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
    .
    ==== End Of File ===========================
    ===============================================================================

    ark.txt:

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-12-27 17:17:19
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD1200BEVE-00UYT0 rev.01.04A01
    Running: d0vbt9yb.exe; Driver: C:\DOCUME~1\rpryor\LOCALS~1\Temp\uflyqpob.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0xB9F0514A]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0xB9F0521A]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB9F04D7C]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwSuspendProcess [0xB9F04F6A]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwSuspendThread [0xB9F05000]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB9F04E32]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB9F04ECE]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB9F0509C]

    ---- Kernel code sections - GMER 1.0.15 ----

    init C:\WINDOWS\system32\drivers\tiumflt.sys entry point in "init" section [0xF78A7E00]
    init C:\WINDOWS\system32\drivers\tiumfwl.sys entry point in "init" section [0xF77A9F00]
    ? C:\DOCUME~1\rpryor\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 022D1B32
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 022D2A66
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] kernel32.dll!CreateFileW 7C810CD9 5 Bytes JMP 022D4C0A
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 022D3FB6
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 022D28B5
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AB5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD12D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25466C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E725F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E7191 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E71FC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E7062 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E70C4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E72C2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E7126 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] ole32.dll!CoCreateInstance 774FF1BC 5 Bytes JMP 3E2EDB80 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2812] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E3E75C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\WINDOWS\system32\SearchIndexer.exe[2864] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 03131B32
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 03132A66
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] kernel32.dll!CreateFileW 7C810CD9 5 Bytes JMP 03134C0A
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 03133FB6
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 031328B5
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E725F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E7191 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E71FC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E7062 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E70C4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E72C2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3476] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E7126 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\WINDOWS\system32\ctfmon.exe[4156] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00B41B32
    .text C:\WINDOWS\system32\ctfmon.exe[4156] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00B42A66
    .text C:\WINDOWS\system32\ctfmon.exe[4156] kernel32.dll!CreateFileW 7C810CD9 5 Bytes JMP 00B44C0A
    .text C:\WINDOWS\system32\ctfmon.exe[4156] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 00B43FB6
    .text C:\WINDOWS\system32\ctfmon.exe[4156] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 00B428B5
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 022F1B32
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 022F2A66
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] kernel32.dll!CreateFileW 7C810CD9 5 Bytes JMP 022F4C0A
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 022F3FB6
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 022F28B5
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AB5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD12D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25466C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E725F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E7191 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E71FC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E7062 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E70C4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E72C2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E7126 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] ole32.dll!CoCreateInstance 774FF1BC 5 Bytes JMP 3E2EDB80 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4244] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E3E75C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 022E1B32
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 022E2A66
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] kernel32.dll!CreateFileW 7C810CD9 5 Bytes JMP 022E4C0A
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 022E3FB6
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 022E28B5
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AB5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD12D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25466C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E725F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E7191 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E71FC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E7062 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E70C4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E72C2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E7126 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] ole32.dll!CoCreateInstance 774FF1BC 5 Bytes JMP 3E2EDB80 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4464] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E3E75C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company)
    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Apricorn Snapshot API/Apricorn)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 snapman.sys (Apricorn Snapshot API/Apricorn)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 snapman.sys (Apricorn Snapshot API/Apricorn)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 snapman.sys (Apricorn Snapshot API/Apricorn)
    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    ---- EOF - GMER 1.0.15 ----
    ===============================================================================
     
Short URL to this thread: https://techguy.org/1082654
