Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

not sure what i have, but it is pretty nasty


  • This topic is locked This topic is locked
3 replies to this topic

#1 Kyle_M

Kyle_M

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Michigan
  • Local time:04:07 AM

Posted 14 August 2009 - 01:18 PM

So I am not sure if its related or not, but when i plug anything in to my usb ports the computer freezes. that's what started, then whenever i tried to open an exe file it would ask what program to use to open. searching through various forums i found a exefix_xp. that solved the problem for i while, then i had to do it again. now i have a window pop up when my computer starts, and every time i open a program. "the application or DLL globalroot\systemroot\system32\SKYNETldmigiqj.dll is not a valid windows image. please check this against your installation diskette" and its the same message every time. also whenever i clink on a link in google i will direct me to a random different site. not sure if it is related to any of this. and when i look at my file names for instance my documents the location is C:\Documents and Settings\TEMP\My Documents. and i don't know why they all have temp in the file locations, because it didn't use to be that way. I have used ad aware ccleaner, malware bytes, spybot, and avg. they have detected SKYNET as a trojan but non have removed it. i have a copy of my hijack this log any help would be gratefully appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:49:17 PM, on 8/14/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dvdpaly.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\sofatnet.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\TEMP\Desktop\third.exe
C:\WINDOWS\system32\wiawow32.sys

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.220 intsecure.microsoft.com
O1 - Hosts: 91.212.127.220 intsecure-2009.com
O1 - Hosts: 91.212.127.220 www.intsecure-2009.com
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: (no name) - {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - (no file)
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-3013673612-3101054561-2563110801-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Kendra')
O4 - HKUS\S-1-5-21-3013673612-3101054561-2563110801-1008\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp (User 'Kendra')
O4 - HKUS\S-1-5-21-3013673612-3101054561-2563110801-1008\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Kendra')
O4 - HKUS\S-1-5-21-3013673612-3101054561-2563110801-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Kendra')
O4 - HKUS\S-1-5-21-3013673612-3101054561-2563110801-1008\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Kendra')
O4 - HKUS\S-1-5-21-3013673612-3101054561-2563110801-501\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Guest')
O4 - HKUS\S-1-5-21-3013673612-3101054561-2563110801-501\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Guest')
O4 - HKUS\S-1-5-21-3013673612-3101054561-2563110801-501\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Guest')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: MasterCook Web Import Bar - {E6EF5071-7647-4E85-9785-87B6CF5CB561} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=laptop
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - http://pconweb.darden.com/includes/smsx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.popcap.com/games/popcaploader_v6.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O22 - SharedTaskScheduler: doctordom - {d1577581-2ed7-469f-99b1-72c1339e0ee0} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: sofatnet Service (sofatnet) - Sigma Designs In - C:\WINDOWS\system32\sofatnet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 12877 bytes

Edited by Kyle_M, 14 August 2009 - 01:22 PM.


BC AdBot (Login to Remove)

 


#2 Kyle_M

Kyle_M
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Michigan
  • Local time:04:07 AM

Posted 14 August 2009 - 06:24 PM

dds log

DDS (Ver_09-07-30.01) - NTFSx86
Run by Kyle Mitchell at 18:49:45.34 on Fri 08/14/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.894.200 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\sofatnet.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Documents and Settings\TEMP\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.comcast.net
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uWindow Title = Microsoft Internet Explorer presented by Comcast
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=laptop
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://www.google.com
mStart Page = www.google.com
mSearch Bar = hxxp://www.google.com/ie
mWindow Title = Microsoft Internet Explorer presented by Comcast
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.comcast.net/toolbar2.0/search/
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - No File
TB: Comcast Toolbar: {4e7bd74f-2b8d-469e-93be-be2df4d9ae29} - c:\progra~1\comcas~1\COMCAS~1.DLL
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
EB: MasterCook Bar: {c92041c1-6d22-4069-ba0e-66246aa752b0} - c:\windows\system32\shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ccleaner] "c:\program files\ccleaner\ccleaner.exe" /AUTO
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LXBUCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXBUtime.dll,_RunDLLEntry@16
mRun: [IPHSend] c:\program files\common files\aol\iphsend\IPHSend.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
dRun: [Monopod] c:\windows\temp\b.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
IE: {E6EF5071-7647-4E85-9785-87B6CF5CB561} - {C92041C1-6D22-4069-BA0E-66246AA752B0} - c:\windows\system32\shdocvw.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} - hxxp://housecall60.trendmicro.com/housecall/xscan60.cab
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxp://pconweb.darden.com/includes/smsx.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} - hxxps://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/games/popcaploader_v6.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\program files\coreftp\pftpns.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: {d1577581-2ed7-469f-99b1-72c1339e0ee0} - No File
SEH: {40847941-2F5E-4BEB-802C-74849B8BA2E4} - No File
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\temp\applic~1\mozilla\firefox\profiles\j9crvi4b.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMySrWB.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-6-26 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-8-2 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-8-2 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-8-2 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-8-2 297752]
R2 EvdoServer;EvdoServer;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 1029456]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-15 34064]
R2 sofatnet;sofatnet Service;c:\windows\system32\sofatnet.exe [2004-8-4 94720]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-4-19 24652]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-8-22 231424]
RUnknown jcmgmfk;jcmgmfk; [x]
RUnknown xleltnph;xleltnph; [x]
S2 Ias;Microsoft Security Services Management;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\34.tmp --> c:\windows\system32\34.tmp [?]

=============== Created Last 30 ================

2009-08-13 20:39 <DIR> --d----- c:\program files\Sophos
2009-08-13 14:08 1,061 a------- c:\windows\wininit.ini
2009-08-13 12:24 <DIR> --d----- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-08-13 12:24 <DIR> --d----- c:\program files\SDHelper (Spybot - Search & Destroy)
2009-08-13 12:24 <DIR> --d----- c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-08-13 12:24 <DIR> --d----- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-08-11 21:52 262,144 a------- c:\windows\system32\default_user_class.dat
2009-08-11 21:20 <DIR> --d----- c:\docume~1\temp\applic~1\Malwarebytes
2009-08-11 21:17 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-11 21:17 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-11 21:17 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-11 21:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-08-10 12:44 27,136 a--sh--- c:\windows\system32\LCB1F.tmp.exe
2009-08-10 12:09 27,136 a--sh--- c:\windows\system32\L8A15.tmp.exe
2009-08-10 11:54 26,624 a--sh--- c:\windows\system32\L9E8B.tmp.exe
2009-08-10 11:31 26,624 a--sh--- c:\windows\system32\L4D64.tmp.exe
2009-08-10 10:44 26,624 a--sh--- c:\windows\system32\L65A.tmp.exe
2009-08-10 08:15 26,624 a--sh--- c:\windows\system32\LD5AA.tmp.exe
2009-08-10 07:39 26,624 a--sh--- c:\windows\system32\LB2A2.tmp.exe
2009-08-10 06:31 26,624 a--sh--- c:\windows\system32\LF98C.tmp.exe
2009-08-10 03:50 <DIR> --d----- c:\program files\wxfrgh
2009-08-10 03:41 120 a------- c:\windows\system32\358361390.BAT
2009-08-10 00:54 <DIR> --d----- c:\docume~1\temp\applic~1\McAfee
2009-08-09 23:25 27,136 a--sh--- c:\windows\system32\L8BD7.tmp.exe
2009-08-09 22:45 27,136 a--sh--- c:\windows\system32\LC1A1.tmp.exe
2009-08-09 21:53 27,136 a--sh--- c:\windows\system32\LE20E.tmp.exe
2009-08-09 05:09 <DIR> --d----- c:\program files\WinPcap
2009-08-07 00:25 27,136 a--sh--- c:\windows\system32\L8F1D.tmp.exe
2009-08-06 21:27 27,136 a--sh--- c:\windows\system32\L8283.tmp.exe
2009-08-06 20:43 27,136 a--sh--- c:\windows\system32\L547.tmp.exe
2009-08-06 20:28 27,136 a--sh--- c:\windows\system32\L8614.tmp.exe
2009-08-06 13:18 0 a--sh--- c:\windows\system32\LB2EC.tmp.exe
2009-08-06 12:42 0 a--sh--- c:\windows\system32\L8862.tmp.exe
2009-08-06 12:40 0 a--sh--- c:\windows\system32\LD8.tmp.exe
2009-08-06 12:11 0 a--sh--- c:\windows\system32\LDFF1.tmp.exe
2009-08-06 10:12 <DIR> --d----- c:\program files\UPHClean
2009-08-06 10:03 116,224 a------- c:\windows\system32\dllcache\xrxwiadr.dll
2009-08-06 10:03 23,040 a------- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-08-06 10:03 17,408 a------- c:\windows\system32\dllcache\xrxscnui.dll
2009-08-06 10:03 27,648 a------- c:\windows\system32\dllcache\xrxftplt.exe
2009-08-06 10:03 4,608 a------- c:\windows\system32\dllcache\xrxflnch.exe
2009-08-06 10:01 53,760 a------- c:\windows\system32\dllcache\wiamsmud.dll
2009-08-06 10:00 249,402 a------- c:\windows\system32\dllcache\vinwm.sys
2009-08-06 09:59 94,720 a------- c:\windows\system32\dllcache\umaxud32.dll
2009-08-06 09:58 525,568 a------- c:\windows\system32\dllcache\tridxp.dll
2009-08-06 09:57 455,168 a------- c:\windows\system32\dllcache\tintsetp.exe
2009-08-06 09:56 30,688 a------- c:\windows\system32\dllcache\sym_u3.sys
2009-08-06 09:55 24,660 a------- c:\windows\system32\dllcache\spxupchk.dll
2009-08-06 09:54 24,576 a------- c:\windows\system32\dllcache\smc8000n.sys
2009-08-06 09:53 68,608 a------- c:\windows\system32\dllcache\sis6306p.sys
2009-08-06 09:52 17,280 a------- c:\windows\system32\dllcache\scr111.sys
2009-08-06 09:51 41,216 a------- c:\windows\system32\dllcache\s3mt3d.sys
2009-08-06 09:50 23,040 a------- c:\windows\system32\dllcache\EXCH_regtrace.exe
2009-08-06 09:49 159,232 a------- c:\windows\system32\dllcache\ptpusd.dll
2009-08-06 09:48 211,712 a------- c:\windows\system32\dllcache\perm2dll.dll
2009-08-06 09:47 31,872 a------- c:\windows\system32\dllcache\ovce.sys
2009-08-06 09:46 87,040 a------- c:\windows\system32\dllcache\nm6wdm.sys
2009-08-06 09:45 75,520 a------- c:\windows\system32\dllcache\mxport.sys
2009-08-06 09:44 35,200 a------- c:\windows\system32\dllcache\msgame.sys
2009-08-06 09:43 48,768 a------- c:\windows\system32\dllcache\maestro.sys
2009-08-06 09:42 47,066 a------- c:\windows\system32\dllcache\ksc.nls
2009-08-06 09:41 35,328 a------- c:\windows\system32\dllcache\iprip.dll
2009-08-06 09:40 91,136 a------- c:\windows\system32\dllcache\icam4com.dll
2009-08-06 09:39 1,041,536 a------- c:\windows\system32\dllcache\hsfdpsp2.sys
2009-08-06 09:38 32,768 a------- c:\windows\system32\dllcache\hpgtmcro.dll
2009-08-06 09:37 322,432 a------- c:\windows\system32\dllcache\g400m.sys
2009-08-06 09:36 11,850 a------- c:\windows\system32\dllcache\f3ab18xj.sys
2009-08-06 09:35 18,503 a------- c:\windows\system32\dllcache\epro4.sys
2009-08-06 09:34 26,698 a------- c:\windows\system32\dllcache\dlh5xnd5.sys
2009-08-06 09:33 117,760 a------- c:\windows\system32\dllcache\d100ib5.sys
2009-08-06 09:32 78,336 a------- c:\windows\system32\dllcache\chajei.ime
2009-08-06 09:31 60,416 a------- c:\windows\system32\dllcache\brserwdm.sys
2009-08-06 09:30 63,663 a------- c:\windows\system32\dllcache\ati1rvxx.sys
2009-08-06 09:29 32,827 a------- c:\windows\system32\dllcache\tcptest.exe
2009-08-04 19:57 <DIR> --d----- c:\docume~1\temp\applic~1\CoreFTP
2009-08-02 20:07 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-08-02 20:03 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-08-02 20:03 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-08-02 20:02 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-08-02 20:02 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-08-02 20:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2009-08-02 20:01 <DIR> --d----- c:\program files\AVG
2009-08-02 20:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-08-02 19:39 <DIR> --d----- c:\docume~1\temp\applic~1\AVG8
2009-08-01 20:57 <DIR> a-d----- c:\windows\system32\images

==================== Find3M ====================

2009-08-11 21:45 825 ----h--- c:\windows\fonts\mlog
2009-06-25 23:12 15,688 a------- c:\windows\system32\lsdelete.exe
2009-06-25 23:11 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-06-25 22:43 10,752 a------- c:\windows\DCEBoot.exe
2009-06-22 03:01 0 a------- C:\bwyi.exe
2009-06-22 03:01 0 a------- C:\fnwojc.exe
2009-06-22 03:01 0 a------- C:\qyvjuj.exe
2009-06-22 03:01 0 a------- C:\agutoq.exe
2009-04-16 18:03 0 a------- c:\docume~1\temp\applic~1\wklnhst.dat

============= FINISH: 18:59:33.34 ===============


gmer log

GMER 1.0.15.15020 [tewyfq4m.exe] - http://www.gmer.net
Rootkit scan 2009-08-14 19:14:42
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.15 ----

Code 85603500 ZwEnumerateKey
Code 8555E440 ZwFlushInstructionCache
Code 85558CA6 IofCallDriver
Code 8552E4EE IofCompleteRequest

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 859651E8

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)

Device \Driver\usbohci \Device\USBPDO-0 857DE7A0
Device \Driver\usbohci \Device\USBPDO-1 857DE7A0
Device \Driver\usbehci \Device\USBPDO-2 857DF7A0

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)

Device \Driver\Ftdisk \Device\HarddiskVolume1 859D41E8
Device \Driver\atapi \Device\Ide\IdePort0 859661E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 859661E8
Device \Driver\atapi \Device\Ide\IdePort1 859661E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e 859661E8
Device \Driver\NetBT \Device\NetBt_Wins_Export 853921E8
Device \Driver\NetBT \Device\NetbiosSmb 853921E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E78370EC-0FE6-4C7E-9B7D-EFBBD5801965} 853921E8

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp Lbd.sys (Boot Driver/Lavasoft AB)

Device \Driver\usbohci \Device\USBFDO-0 857DE7A0
Device \Driver\usbohci \Device\USBFDO-1 857DE7A0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8535E7A0
Device \Driver\usbehci \Device\USBFDO-2 857DF7A0
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8535E7A0
Device \Driver\Ftdisk \Device\FtControl 859D41E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{65E63B54-612E-4313-961E-353B13798321} 853921E8
Device \FileSystem\Cdfs \Cdfs 856E51E8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xC5 0x28 0xDA 0xB0 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x92 0xFD 0xD8 0x80 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x44 0xC3 0xDD 0x59 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xC5 0x28 0xDA 0xB0 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x92 0xFD 0xD8 0x80 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x44 0xC3 0xDD 0x59 ...
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd@start 1
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd@type 1
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd@group file system
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd@imagepath \systemroot\system32\drivers\SKYNETkmqrsnto.sys
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\main (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\main@aid 10131
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\main@sid 0
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\main@cmddelay 14400
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\main\connections (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\main\delete (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\main\injector (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\main\injector@* SKYNETwsp.dll
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\main\tasks (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\modules@SKYNETrk.sys \systemroot\system32\drivers\SKYNETkmqrsnto.sys
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\modules@SKYNETcmd.dll \systemroot\system32\SKYNETqowomnve.dll
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\modules@SKYNETlog.dat \systemroot\system32\SKYNETfdytpxvn.dat
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\modules@SKYNETwsp.dll \systemroot\system32\SKYNETldmigiqj.dll
Reg HKLM\SYSTEM\ControlSet003\Services\SKYNETafysargd\modules@SKYNET.dat \systemroot\system32\SKYNETupveoemp.dat
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xC5 0x28 0xDA 0xB0 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x92 0xFD 0xD8 0x80 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x44 0xC3 0xDD 0x59 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xC5 0x28 0xDA 0xB0 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x92 0xFD 0xD8 0x80 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x44 0xC3 0xDD 0x59 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd@start 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd@type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd@group file system
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd@imagepath \systemroot\system32\drivers\SKYNETkmqrsnto.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\main
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\main@aid 10131
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\main@sid 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\main@cmddelay 14400
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\main\connections
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\main\delete
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\main\injector
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\main\injector@* SKYNETwsp.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\main\tasks
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\modules
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\modules@SKYNETrk.sys \systemroot\system32\drivers\SKYNETkmqrsnto.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\modules@SKYNETcmd.dll \systemroot\system32\SKYNETqowomnve.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\modules@SKYNETlog.dat \systemroot\system32\SKYNETfdytpxvn.dat
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\modules@SKYNETwsp.dll \systemroot\system32\SKYNETldmigiqj.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETafysargd\modules@SKYNET.dat \systemroot\system32\SKYNETupveoemp.dat
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xC5 0x28 0xDA 0xB0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x92 0xFD 0xD8 0x80 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x44 0xC3 0xDD 0x59 ...
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd@start 1
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd@type 1
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd@group file system
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd@imagepath \systemroot\system32\drivers\SKYNETkmqrsnto.sys
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\main (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\main@aid 10131
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\main@sid 0
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\main@cmddelay 14400
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\main\connections (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\main\delete (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\main\injector (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\main\injector@* SKYNETwsp.dll
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\main\tasks (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\modules@SKYNETrk.sys \systemroot\system32\drivers\SKYNETkmqrsnto.sys
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\modules@SKYNETcmd.dll \systemroot\system32\SKYNETqowomnve.dll
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\modules@SKYNETlog.dat \systemroot\system32\SKYNETfdytpxvn.dat
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\modules@SKYNETwsp.dll \systemroot\system32\SKYNETldmigiqj.dll
Reg HKLM\SYSTEM\ControlSet006\Services\SKYNETafysargd\modules@SKYNET.dat \systemroot\system32\SKYNETupveoemp.dat
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xC5 0x28 0xDA 0xB0 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x92 0xFD 0xD8 0x80 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x44 0xC3 0xDD 0x59 ...
Reg HKLM\SOFTWARE\Classes\CETIUI.CETIUIContentManager@ CCETIUIContentManager Object
Reg HKLM\SOFTWARE\Classes\CETIUI.CETIUIContentManager\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.CETIUIContentManager\CLSID@ {136C3D0D-2722-4DEC-A865-26526C6A9081}
Reg HKLM\SOFTWARE\Classes\CETIUI.CETIUIContentManager\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.CETIUIContentManager\CurVer@ CETIUI.CETIUIContentManager.1
Reg HKLM\SOFTWARE\Classes\CETIUI.CETIUIContentManager.1@ CCETIUIContentManager Object
Reg HKLM\SOFTWARE\Classes\CETIUI.CETIUIContentManager.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.CETIUIContentManager.1\CLSID@ {136C3D0D-2722-4DEC-A865-26526C6A9081}
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIControl@ CETIUI Skin Control
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIControl\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIControl\CLSID@ {D657569D-3EE4-4EA9-90C7-9587809ED482}
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIControl\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIControl\CurVer@ CETIUI.CetiUIControl.1
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIControl.1@ CETIUI Skin Control
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIControl.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIControl.1\CLSID@ {D657569D-3EE4-4EA9-90C7-9587809ED482}
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIGraphicUtils@ CCetiUIGraphicUtils Object
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIGraphicUtils\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIGraphicUtils\CLSID@ {D1DAF049-2228-4E2E-8BDA-A80117B48BBD}
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIGraphicUtils\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIGraphicUtils\CurVer@ CETIUI.CetiUIGraphicUtils.1
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIGraphicUtils.1@ CCetiUIGraphicUtils Object
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIGraphicUtils.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIGraphicUtils.1\CLSID@ {D1DAF049-2228-4E2E-8BDA-A80117B48BBD}
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIPlugin@ CCetiUIPlugin Object
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIPlugin\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIPlugin\CLSID@ {F3B44E84-0371-4F00-B26D-1C897C09A14D}
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIPlugin\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIPlugin\CurVer@ CETIUI.CetiUIPlugin.1
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIPlugin.1@ CCetiUIPlugin Object
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIPlugin.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.CetiUIPlugin.1\CLSID@ {F3B44E84-0371-4F00-B26D-1C897C09A14D}
Reg HKLM\SOFTWARE\Classes\CETIUI.Controls@ CControls Object
Reg HKLM\SOFTWARE\Classes\CETIUI.Controls\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.Controls\CLSID@ {578695FE-928A-41A3-83EF-41B46BCF1C3F}
Reg HKLM\SOFTWARE\Classes\CETIUI.Controls\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.Controls\CurVer@ CETIUI.Controls.1
Reg HKLM\SOFTWARE\Classes\CETIUI.Controls.1@ CControls Object
Reg HKLM\SOFTWARE\Classes\CETIUI.Controls.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.Controls.1\CLSID@ {578695FE-928A-41A3-83EF-41B46BCF1C3F}
Reg HKLM\SOFTWARE\Classes\CETIUI.Form@ CForm Object
Reg HKLM\SOFTWARE\Classes\CETIUI.Form\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.Form\CLSID@ {8958B6A3-44E4-40DC-A574-EFC6C8783251}
Reg HKLM\SOFTWARE\Classes\CETIUI.Form\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.Form\CurVer@ CETIUI.Form.1
Reg HKLM\SOFTWARE\Classes\CETIUI.Form.1@ CForm Object
Reg HKLM\SOFTWARE\Classes\CETIUI.Form.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.Form.1\CLSID@ {8958B6A3-44E4-40DC-A574-EFC6C8783251}
Reg HKLM\SOFTWARE\Classes\CETIUI.Forms@ CForms Object
Reg HKLM\SOFTWARE\Classes\CETIUI.Forms\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.Forms\CLSID@ {50980323-6EBA-4F70-A897-80627E8B2EEB}
Reg HKLM\SOFTWARE\Classes\CETIUI.Forms\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.Forms\CurVer@ CETIUI.Forms.1
Reg HKLM\SOFTWARE\Classes\CETIUI.Forms.1@ CForms Object
Reg HKLM\SOFTWARE\Classes\CETIUI.Forms.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.Forms.1\CLSID@ {50980323-6EBA-4F70-A897-80627E8B2EEB}
Reg HKLM\SOFTWARE\Classes\CETIUI.ScriptController@ CScriptController Object
Reg HKLM\SOFTWARE\Classes\CETIUI.ScriptController\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.ScriptController\CLSID@ {7FD61FB8-4D11-417B-BFB8-0D246FA5AD8E}
Reg HKLM\SOFTWARE\Classes\CETIUI.ScriptController\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.ScriptController\CurVer@ CETIUI.ScriptController.2
Reg HKLM\SOFTWARE\Classes\CETIUI.ScriptController.2@ CScriptController Object
Reg HKLM\SOFTWARE\Classes\CETIUI.ScriptController.2\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.ScriptController.2\CLSID@ {7FD61FB8-4D11-417B-BFB8-0D246FA5AD8E}
Reg HKLM\SOFTWARE\Classes\CETIUI.Skin@ CSkin Object
Reg HKLM\SOFTWARE\Classes\CETIUI.Skin\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.Skin\CLSID@ {D67BE938-7D4C-4E1A-BF93-C41C763DA69E}
Reg HKLM\SOFTWARE\Classes\CETIUI.Skin\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.Skin\CurVer@ CETIUI.Skin.1
Reg HKLM\SOFTWARE\Classes\CETIUI.Skin.1@ CSkin Object
Reg HKLM\SOFTWARE\Classes\CETIUI.Skin.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.Skin.1\CLSID@ {D67BE938-7D4C-4E1A-BF93-C41C763DA69E}
Reg HKLM\SOFTWARE\Classes\CETIUI.SkinLoader@ CSkinLoader Object
Reg HKLM\SOFTWARE\Classes\CETIUI.SkinLoader\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.SkinLoader\CLSID@ {53054632-3FD4-4948-B2CB-3E608989E6F0}
Reg HKLM\SOFTWARE\Classes\CETIUI.SkinLoader\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUI.SkinLoader\CurVer@ CETIUI.SkinLoader.1
Reg HKLM\SOFTWARE\Classes\CETIUI.SkinLoader.1@ CSkinLoader Object
Reg HKLM\SOFTWARE\Classes\CETIUI.SkinLoader.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUI.SkinLoader.1\CLSID@ {53054632-3FD4-4948-B2CB-3E608989E6F0}
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtml@ CCETIUIHtml Object
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtml\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtml\CLSID@ {46523DDC-2C40-4032-8ED1-AFDEBC30D088}
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtml\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtml\CurVer@ CETIUIHtmlPlugin.CETIUIHtml.1
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtml.1@ CCETIUIHtml Object
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtml.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtml.1\CLSID@ {46523DDC-2C40-4032-8ED1-AFDEBC30D088}
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtmlHandlerSam.1@ CCETIUIHtmlHandlerSample Object
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtmlHandlerSam.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtmlHandlerSam.1\CLSID@ {A3BAA894-DA62-4345-8E7A-9DDAAEDC1EEA}
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtmlHandlerSampl@ CCETIUIHtmlHandlerSample Object
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtmlHandlerSampl\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtmlHandlerSampl\CLSID@ {A3BAA894-DA62-4345-8E7A-9DDAAEDC1EEA}
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtmlHandlerSampl\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUIHtmlPlugin.CETIUIHtmlHandlerSampl\CurVer@ CETIUIHtmlPlugin.CETIUIHtmlHandlerSam.1
Reg HKLM\SOFTWARE\Classes\CETIUIPluginPack1.CetiUIButton@ CCetiUIButton Object
Reg HKLM\SOFTWARE\Classes\CETIUIPluginPack1.CetiUIButton\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUIPluginPack1.CetiUIButton\CLSID@ {A179BD30-DE1E-445D-8AB2-22239F2911B2}
Reg HKLM\SOFTWARE\Classes\CETIUIPluginPack1.CetiUIButton\CurVer
Reg HKLM\SOFTWARE\Classes\CETIUIPluginPack1.CetiUIButton\CurVer@ CETIUIPluginPack1.CetiUIButton.1
Reg HKLM\SOFTWARE\Classes\CETIUIPluginPack1.CetiUIButton.1@ CCetiUIButton Object
Reg HKLM\SOFTWARE\Classes\CETIUIPluginPack1.CetiUIButton.1\CLSID
Reg HKLM\SOFTWARE\Classes\CETIUIPluginPack1.CetiUIButton.1\CLSID@ {A179BD30-DE1E-445D-8AB2-22239F2911B2}
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUIHtmlExternalHand@ CCETIUIHtmlExternalHandler Object
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUIHtmlExternalHand\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUIHtmlExternalHand\CLSID@ {FD3D03B4-7855-4D96-9991-9DA593389819}
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUIHtmlExternalHand\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUIHtmlExternalHand\CurVer@ HPCETI.CETIUIHtmlExternalHand.1
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUIHtmlExternalHand.1@ CCETIUIHtmlExternalHandler Object
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUIHtmlExternalHand.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUIHtmlExternalHand.1\CLSID@ {FD3D03B4-7855-4D96-9991-9DA593389819}
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUISkinUtilFunctions@ CCETIUISkinUtilFunctions Object
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUISkinUtilFunctions\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUISkinUtilFunctions\CLSID@ {084E6553-338B-4019-BEAC-74FA6D1DF545}
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUISkinUtilFunctions\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUISkinUtilFunctions\CurVer@ HPCETI.CETIUISkinUtilFunctions.1
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUISkinUtilFunctions.1@ CCETIUISkinUtilFunctions Object
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUISkinUtilFunctions.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.CETIUISkinUtilFunctions.1\CLSID@ {084E6553-338B-4019-BEAC-74FA6D1DF545}
Reg HKLM\SOFTWARE\Classes\HPCETI.DataArchive@ HPCETI DArC Class
Reg HKLM\SOFTWARE\Classes\HPCETI.DataArchive\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.DataArchive\CLSID@ {11EF5264-3529-4a73-8C0E-C8EC04DDCE8D}
Reg HKLM\SOFTWARE\Classes\HPCETI.DataArchive\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.DataArchive\CurVer@ HPCETI.DataArchive.1
Reg HKLM\SOFTWARE\Classes\HPCETI.DataArchive.1@ HPCETI DArC Class
Reg HKLM\SOFTWARE\Classes\HPCETI.DataArchive.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.DataArchive.1\CLSID@ {11EF5264-3529-4a73-8C0E-C8EC04DDCE8D}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPCompMgrService@ HPCompMgrService Class
Reg HKLM\SOFTWARE\Classes\HPCETI.HPCompMgrService\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPCompMgrService\CLSID@ {8A5339F3-EC14-4521-B132-83E952B19E80}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPCompMgrService\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPCompMgrService\CurVer@ HPCETI.HPCompMgrService.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPCompMgrService.1@ HPCompMgrService Class
Reg HKLM\SOFTWARE\Classes\HPCETI.HPCompMgrService.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPCompMgrService.1\CLSID@ {8A5339F3-EC14-4521-B132-83E952B19E80}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPDataTransmitter@ HP Data Transmission Component
Reg HKLM\SOFTWARE\Classes\HPCETI.HPDataTransmitter\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPDataTransmitter\CLSID@ {D8C17400-19B6-4A77-8040-19010CF1E50C}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPDataTransmitter\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPDataTransmitter\CurVer@ HPCETI.HPDataTransmitter.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPDataTransmitter.1@ HP Data Transmission Component
Reg HKLM\SOFTWARE\Classes\HPCETI.HPDataTransmitter.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPDataTransmitter.1\CLSID@ {D8C17400-19B6-4A77-8040-19010CF1E50C}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPHUT@ HPHUT Class
Reg HKLM\SOFTWARE\Classes\HPCETI.HPHUT\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPHUT\CLSID@ {97188423-CA6A-432F-A933-FB7B45DFAF17}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPHUT\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPHUT\CurVer@ HPCETI.HPHUT.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPHUT.1@ HPHUT Class
Reg HKLM\SOFTWARE\Classes\HPCETI.HPHUT.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPHUT.1\CLSID@ {97188423-CA6A-432F-A933-FB7B45DFAF17}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTask@ CHPScheduledTask Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTask\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTask\CLSID@ {72A5513A-3A66-44F2-BF3F-F2E88FF29E78}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTask\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTask\CurVer@ HPCETI.HPScheduledTask.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTask.1@ CHPScheduledTask Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTask.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTask.1\CLSID@ {72A5513A-3A66-44F2-BF3F-F2E88FF29E78}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskMonitor@ CHPScheduledTaskMonitor Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskMonitor\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskMonitor\CLSID@ {4BC953C2-80F3-45BB-B9EC-C46363F0DE35}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskMonitor\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskMonitor\CurVer@ HPCETI.HPScheduledTaskMonitor.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskMonitor.1@ CHPScheduledTaskMonitor Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskMonitor.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskMonitor.1\CLSID@ {4BC953C2-80F3-45BB-B9EC-C46363F0DE35}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskTrigger@ CHPScheduledTaskTrigger Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskTrigger\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskTrigger\CLSID@ {C8FC20BA-4E13-4C73-932E-B1DB49862F6D}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskTrigger\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskTrigger\CurVer@ HPCETI.HPScheduledTaskTrigger.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskTrigger.1@ CHPScheduledTaskTrigger Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskTrigger.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPScheduledTaskTrigger.1\CLSID@ {C8FC20BA-4E13-4C73-932E-B1DB49862F6D}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskMgr@ CHPTaskMgr Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskMgr\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskMgr\CLSID@ {66B093B7-B5E3-4CFE-B32B-FEB55F172481}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskMgr\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskMgr\CurVer@ HPCETI.HPTaskMgr.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskMgr.1@ CHPTaskMgr Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskMgr.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskMgr.1\CLSID@ {66B093B7-B5E3-4CFE-B32B-FEB55F172481}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskScheduler@ CHPTaskScheduler Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskScheduler\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskScheduler\CLSID@ {272CEA1E-DBFA-4E44-A28C-A8ED9ECA4399}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskScheduler\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskScheduler\CurVer@ HPCETI.HPTaskScheduler.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskScheduler.1@ CHPTaskScheduler Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskScheduler.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTaskScheduler.1\CLSID@ {272CEA1E-DBFA-4E44-A28C-A8ED9ECA4399}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMInetPlugin@ InetPlugin Class
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMInetPlugin\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMInetPlugin\CLSID@ {2B03BD97-99C5-4DA6-8564-F32861520F82}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMInetPlugin\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMInetPlugin\CurVer@ HPCETI.HPTMInetPlugin.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMInetPlugin.1@ InetPlugin Class
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMInetPlugin.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMInetPlugin.1\CLSID@ {2B03BD97-99C5-4DA6-8564-F32861520F82}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMSchedulePlugin@ CScheduler Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMSchedulePlugin\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMSchedulePlugin\CLSID@ {8E7E2652-0A15-423E-9E5E-02CFB1FE74AF}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMSchedulePlugin\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMSchedulePlugin\CurVer@ HPCETI.HPTMSchedulePlugin.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMSchedulePlugin.1@ CScheduler Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMSchedulePlugin.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPTMSchedulePlugin.1\CLSID@ {8E7E2652-0A15-423E-9E5E-02CFB1FE74AF}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPUIController@ CHPUIController Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPUIController\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPUIController\CLSID@ {FF052B6D-70D2-4130-BB0E-EDEF9825594D}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPUIController\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPUIController\CurVer@ HPCETI.HPUIController.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPUIController.1@ CHPUIController Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPUIController.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPUIController.1\CLSID@ {FF052B6D-70D2-4130-BB0E-EDEF9825594D}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPZipMgr@ CHPZipFile Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPZipMgr\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPZipMgr\CLSID@ {DCBED622-E42A-4265-A8D7-5C821C23F35A}
Reg HKLM\SOFTWARE\Classes\HPCETI.HPZipMgr\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.HPZipMgr\CurVer@ HPCETI.HPZipMgr.1
Reg HKLM\SOFTWARE\Classes\HPCETI.HPZipMgr.1@ CHPZipFile Object
Reg HKLM\SOFTWARE\Classes\HPCETI.HPZipMgr.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.HPZipMgr.1\CLSID@ {DCBED622-E42A-4265-A8D7-5C821C23F35A}
Reg HKLM\SOFTWARE\Classes\HPCETI.OverlandSolMgr@ HPCETI.OverlandSolMgr
Reg HKLM\SOFTWARE\Classes\HPCETI.OverlandSolMgr\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.OverlandSolMgr\CLSID@ {A02ED9E9-8D36-473A-98ED-C253A40765DE}
Reg HKLM\SOFTWARE\Classes\HPCETI.OverlandSolMgr\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.OverlandSolMgr\CurVer@ HPCETI.OverlandSolMgr.1
Reg HKLM\SOFTWARE\Classes\HPCETI.OverlandSolMgr.1@ HPCETI.OverlandSolMgr
Reg HKLM\SOFTWARE\Classes\HPCETI.OverlandSolMgr.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.OverlandSolMgr.1\CLSID@ {A02ED9E9-8D36-473A-98ED-C253A40765DE}
Reg HKLM\SOFTWARE\Classes\HPCETI.UIContentManager@ CContentManager Object
Reg HKLM\SOFTWARE\Classes\HPCETI.UIContentManager\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.UIContentManager\CLSID@ {12DB8D34-8419-4C47-A61A-33DE59E6ED75}
Reg HKLM\SOFTWARE\Classes\HPCETI.UIContentManager\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.UIContentManager\CurVer@ HPCETI.UIContentManager.1
Reg HKLM\SOFTWARE\Classes\HPCETI.UIContentManager.1@ CContentManager Object
Reg HKLM\SOFTWARE\Classes\HPCETI.UIContentManager.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.UIContentManager.1\CLSID@ {12DB8D34-8419-4C47-A61A-33DE59E6ED75}
Reg HKLM\SOFTWARE\Classes\HPCETI.UIZipProtocol@ CZipHandler Object
Reg HKLM\SOFTWARE\Classes\HPCETI.UIZipProtocol\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.UIZipProtocol\CLSID@ {CF184AD3-CDCB-4168-A3F7-8E447D129300}
Reg HKLM\SOFTWARE\Classes\HPCETI.UIZipProtocol\CurVer
Reg HKLM\SOFTWARE\Classes\HPCETI.UIZipProtocol\CurVer@ HPCETI.UIZipProtocol.1
Reg HKLM\SOFTWARE\Classes\HPCETI.UIZipProtocol.1@ CZipHandler Object
Reg HKLM\SOFTWARE\Classes\HPCETI.UIZipProtocol.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPCETI.UIZipProtocol.1\CLSID@ {CF184AD3-CDCB-4168-A3F7-8E447D129300}

Hello Kyle_M,

We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.

Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.

Thank you for understanding.

Regards,

The weatherman
(Moderator)

Attached Files


Edited by The weatherman, 15 August 2009 - 06:02 PM.


#3 Tokek

Tokek

    Bleepin' Gecko


  • Members
  • 1,213 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jakarta, Indonesia
  • Local time:12:07 AM

Posted 27 August 2009 - 01:32 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
If I have not replied back to your post in 3 days, please send me a PM.

Posted Image

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,009 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:07 AM

Posted 04 September 2009 - 05:19 AM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please send me a Private message to reopen this topic within the next 5 days. Beyond that point, please start a new topic.

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users