system
21
8/12/2004 2:55:00 PM | Attr = ]
{733E9132-53CA-4C97-9AC9-145C4502FA20} [HKLM] → %System32%\rqrqomm.dll [Reg Data - Value does not exist] → File not found
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] → Reg Data - Key not found [Reg Data - Key not found] → File not found
{89AD4D75-2429-462e-BD4E-443F233F6033} [HKLM] → %System32%\vtquqiex.dll [Reg Data - Value does not exist] → File not found
{E8A11B0B-1C19-4C36-B956-F0C213CF18DF} [HKLM] → %System32%\vturr.dll [Reg Data - Value does not exist] → [Ver = | Size = 244832 bytes | Modified Date = 9/19/2007 4:49:34 AM | Attr = ]
< Internet Explorer Bars [HKCU] > → HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ →
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] → Reg Data - Key not found [Reg Data - Key not found] → File not found
< Internet Explorer ToolBars [HKLM] > → HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar →
[HKLM] → Reg Data - Key not found → File not found
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKLM] → %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\HPDTLK02.dll [HP View] → Hewlett-Packard Company [Ver = 1.0.0.7 | Size = 98304 bytes | Modified Date = 11/21/2003 4:26:28 AM | Attr = ]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} [HKLM] → Reg Data - Key not found [Reg Data - Key not found] → File not found
< Internet Explorer ToolBars [HKCU] > → HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ →
ShellBrowser\{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKLM] → %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\HPDTLK02.dll [HP View] → Hewlett-Packard Company [Ver = 1.0.0.7 | Size = 98304 bytes | Modified Date = 11/21/2003 4:26:28 AM | Attr = ]
< Internet Explorer Menu Extensions [HKCU] > → HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ →
E&xport to Microsoft Excel → → File not found
< User Agent Post Platform [HKLM] > → HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform →
SV1 → →
< DNS Name Servers [HKLM] > → HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ →
{1AF1AB90-7611-4EF5-9EAC-76B4D4CF6D36} → (Realtek RTL8139/810x Family Fast Ethernet NIC) →
{22EC5A37-74D9-46B2-963C-7E18D6427A2E} → (1394 Net Adapter) →
{32564508-58B8-45A1-9A54-0B1E9C5D32A3} → (1394 Net Adapter) →
{5C79B13D-D4E6-41B5-8537-A193B74756ED} → () →
{690E8785-F190-4F25-8406-EAEDB088921C} → (Realtek RTL8139/810x Family Fast Ethernet NIC) →
{7C777C7A-6DEF-4F41-91BB-8AC28D08D0D7} → (1394 Net Adapter) →
{7D4EEF3A-321A-4114-8A31-619F7E7D68E3} → (1394 Net Adapter) →
{B0043B74-DEA3-411A-AEA4-86C8487645A8} → (Broadcom 802.11b) →
{B146B9C6-05FB-40C5-AAF9-4424DAD1C800} → (1394 Net Adapter) →
{C1D6AC56-DFF8-49B8-9E4A-81C6919FE1BA} → (Broadcom 802.11b) →
{EECAB3FF-1C5B-4C5B-B679-9AF04C2FC3B3} → (1394 Net Adapter) →
< Protocol Handlers [HKLM] > → HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ →
cetihpz → %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll → Hewlett-Packard Company [Ver = 2.1.6.2 | Size = 81920 bytes | Modified Date = 1/12/2005 2:54:56 PM | Attr = ]
ipp → Reg Data - Key not found → File not found
msdaipp → Reg Data - Key not found → File not found
< Downloaded Program Files > → HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ →
{00000055-9980-0010-8000-00AA00389B71} → - CodeBase = http://codecs.microsoft.com/codecs/i386/fhg.CAB →
{D27CDB6E-AE6D-11CF-96B8-444553540000} → - CodeBase = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab →
Microsoft XML Parser for Java → - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab →
[Registry - Additional Scans - Non-Microsoft Only]
< Security Settings > → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify → 0 →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify → 0 →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify → 0 →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride → 0 →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride → 0 →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ → →
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ → →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ → →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Type → 32 →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Start → 2 →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ErrorControl → 1 →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ImagePath → %SystemRoot%\System32\svchost.exe -k netsvcs →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\DisplayName → Background Intelligent Transfer Service →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\DependOnService → Rpcss; →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\DependOnGroup → →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ObjectName → LocalSystem →
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Description → Transfers files in the background using idle network bandwidth. If the service is stopped, features such as Windows Update, and MSN Explorer will be unable to automatically download programs and other information. If this service is disabled, any services that explicitly depend on it may fail to transfer files if they do not have a fail safe mechanism to transfer files directly through IE in case BITS has been disabled. →
