Win32/Bflient.K

igaul.exe , esve.exe (Trojan download multiple malware)

MD5 : af880be8c447061b5de56797974b62f1

SHA1 : 83bf504fdaa405172dfba9a750df5f03e669be15

...

Antivirus	Version	Last Update	Result
AhnLab-V3	2010.09.24.00	2010.09.24	-
AntiVir	7.10.12.28	2010.09.24	-
Antiy-AVL	2.0.3.7	2010.09.24	-
Authentium	5.2.0.5	2010.09.24	-
Avast	4.8.1351.0	2010.09.23	-
Avast5	5.0.594.0	2010.09.23	-
AVG	9.0.0.851	2010.09.24	Dropper.Generic2.BAIY
BitDefender	7.2	2010.09.24	-
CAT-QuickHeal	11.00	2010.09.24	-
ClamAV	0.96.2.0-git	2010.09.24	-
Comodo	6186	2010.09.24	-
DrWeb	5.0.2.03300	2010.09.24	-
Emsisoft	5.0.0.37	2010.09.24	-
eSafe	7.0.17.0	2010.09.21	-
eTrust-Vet	36.1.7874	2010.09.24	-
F-Prot	4.6.2.117	2010.09.24	-
F-Secure	9.0.15370.0	2010.09.24	-
Fortinet	4.1.143.0	2010.09.24	-
GData	21	2010.09.24	-
Ikarus	T3.1.1.88.0	2010.09.24	-
Jiangmin	13.0.900	2010.09.21	-
K7AntiVirus	9.63.2589	2010.09.23	-
Kaspersky	7.0.0.125	2010.09.24	-
McAfee	5.400.0.1158	2010.09.24	-
McAfee-GW-Edition	2010.1C	2010.09.24	-
Microsoft	1.6201	2010.09.24	-
NOD32	5476	2010.09.24	Win32/Bflient.K
Norman	6.06.06	2010.09.24	-
nProtect	2010-09-24.02	2010.09.24	-
Panda	10.0.2.7	2010.09.24	-
PCTools	7.0.3.5	2010.09.24	-
Prevx	3.0	2010.09.24	Low Risk Adware
Rising	22.66.00.07	2010.09.21	-
Sophos	4.58.0	2010.09.24	-
Sunbelt	6922	2010.09.24	-
SUPERAntiSpyware	4.40.0.1006	2010.09.24	-
Symantec	20101.1.1.7	2010.09.24	-
TheHacker	6.7.0.0.029	2010.09.23	-
TrendMicro	9.120.0.1004	2010.09.24	-
TrendMicro-HouseCall	9.120.0.1004	2010.09.24	-
VBA32	3.12.14.1	2010.09.24	-
ViRobot	2010.9.24.4059	2010.09.24	-
VirusBuster	12.65.23.0	2010.09.23	-

...

อาการ

จะขึ้นหน้าต่าง Microsoft Security Essential Alert

Internet ไม่สามารถใช้งานได้

Task manager ไม่สามารถใช้งานได้

สร้างไฟล์ใน Temp จำนวนมาก แบบ Random

-------------------------------------------------------------------------

Files Added

%UserProfile%\Application Data\esve.exe

%UserProfile%\Application Data\ohydy.exe

%Temp%\5378685.exe

%\system32%\wuaucldt.exe

%UserProfile%\wuaucldt.exe

%Temp%\Cab122.tmp

%Temp%\Tar123.tmp

%Temp%\114.exe

%Temp%\8815.exe

%WinDir%\cfdrive32.exe

%Temp%\qkua.exe

%Temp%\eneor.exe

%Temp%\dymbmbjl.exe

%Temp%\igaul.exe

%Temp%\cvtd.exe

%Temp%\6606.exe

%Temp%\jytr.exe

C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe

%UserProfile%\Application Data\igaul.exe

%\system32%\drivers\4142850540.sys

%Temp%\hahapd.exe

%Temp%\ksleed.sys

%Temp%\cncojb.exe

%Temp%\jhjilg.exe

%Temp%\kdkdpf.exe

%Temp%\hehfbi.exe

%Temp%\jmjnli.exe C

%Temp%\nckiya.exe

%Temp%\esve.exe

%Temp%\rjtikh.exe

%Temp%\aiygquy.exe

%Temp%\xwjlewr.exe

%Temp%\bbkmt.exe

%\system32%\drivers\cdrom.sys

Keys Added

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\0000
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\0000\Control
HKLM\SYSTEM\ControlSet002\Services\25125f4\Enum
HKLM\SYSTEM\ControlSet002\Services\AsyncMac\Enum
HKLM\SYSTEM\ControlSet002\Services\ati2mtag\Enum
HKLM\SYSTEM\ControlSet002\Services\Atmarpc\Enum
HKLM\SYSTEM\ControlSet002\Services\avfwim\Enum
HKLM\SYSTEM\ControlSet002\Services\Cdaudio\Enum
HKLM\SYSTEM\ControlSet002\Services\Changer\Enum
HKLM\SYSTEM\ControlSet002\Services\Fdc\Enum
HKLM\SYSTEM\ControlSet002\Services\FETNDIS\Enum
HKLM\SYSTEM\ControlSet002\Services\Flpydisk\Enum
HKLM\SYSTEM\ControlSet002\Services\gameenum\Enum
HKLM\SYSTEM\ControlSet002\Services\i2omgmt\Enum
HKLM\SYSTEM\ControlSet002\Services\Ip6Fw\Enum
HKLM\SYSTEM\ControlSet002\Services\IpInIp\Enum
HKLM\SYSTEM\ControlSet002\Services\IRENUM\Enum
HKLM\SYSTEM\ControlSet002\Services\lbrtfdc\Enum
HKLM\SYSTEM\ControlSet002\Services\Modem\Enum
HKLM\SYSTEM\ControlSet002\Services\MSKSSRV\Enum
HKLM\SYSTEM\ControlSet002\Services\MSPCLOCK\Enum
HKLM\SYSTEM\ControlSet002\Services\MSPQM\Enum
HKLM\SYSTEM\ControlSet002\Services\nmwcd\Enum
HKLM\SYSTEM\ControlSet002\Services\nmwcdc\Enum
HKLM\SYSTEM\ControlSet002\Services\nmwcdnsu\Enum
HKLM\SYSTEM\ControlSet002\Services\NwlnkFlt\Enum
HKLM\SYSTEM\ControlSet002\Services\NwlnkFwd\Enum
HKLM\SYSTEM\ControlSet002\Services\pccsmcfd\Enum
HKLM\SYSTEM\ControlSet002\Services\PCIDump\Enum
HKLM\SYSTEM\ControlSet002\Services\PDCOMP\Enum
HKLM\SYSTEM\ControlSet002\Services\PDFRAME\Enum
HKLM\SYSTEM\ControlSet002\Services\PDRELI\Enum
HKLM\SYSTEM\ControlSet002\Services\PDRFRAME\Enum
HKLM\SYSTEM\ControlSet002\Services\RDPWD\Enum
HKLM\SYSTEM\ControlSet002\Services\s3m\Enum
HKLM\SYSTEM\ControlSet002\Services\TDPIPE\Enum
HKLM\SYSTEM\ControlSet002\Services\TDTCP\Enum
HKLM\SYSTEM\ControlSet002\Services\upperdev\Enum
HKLM\SYSTEM\ControlSet002\Services\usbser\Enum
HKLM\SYSTEM\ControlSet002\Services\UsbserFilt\Enum
HKLM\SYSTEM\ControlSet002\Services\WDICA\Enum
HKLM\SYSTEM\ControlSet002\Services\ZTEusbmdm6k\Enum
HKLM\SYSTEM\ControlSet002\Services\ZTEusbnmea\Enum
HKLM\SYSTEM\ControlSet002\Services\ZTEusbser6k\Enum
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\0000\Control
HKLM\SYSTEM\CurrentControlSet\Services\25125f4\Enum
HKLM\SYSTEM\CurrentControlSet\Services\AsyncMac\Enum
HKLM\SYSTEM\CurrentControlSet\Services\ati2mtag\Enum
HKLM\SYSTEM\CurrentControlSet\Services\Atmarpc\Enum
HKLM\SYSTEM\CurrentControlSet\Services\avfwim\Enum
HKLM\SYSTEM\CurrentControlSet\Services\Cdaudio\Enum
HKLM\SYSTEM\CurrentControlSet\Services\Changer\Enum
HKLM\SYSTEM\CurrentControlSet\Services\Fdc\Enum
HKLM\SYSTEM\CurrentControlSet\Services\FETNDIS\Enum
HKLM\SYSTEM\CurrentControlSet\Services\Flpydisk\Enum
HKLM\SYSTEM\CurrentControlSet\Services\gameenum\Enum
HKLM\SYSTEM\CurrentControlSet\Services\i2omgmt\Enum
HKLM\SYSTEM\CurrentControlSet\Services\Ip6Fw\Enum
HKLM\SYSTEM\CurrentControlSet\Services\IpInIp\Enum
HKLM\SYSTEM\CurrentControlSet\Services\IRENUM\Enum
HKLM\SYSTEM\CurrentControlSet\Services\lbrtfdc\Enum
HKLM\SYSTEM\CurrentControlSet\Services\Modem\Enum
HKLM\SYSTEM\CurrentControlSet\Services\MSKSSRV\Enum
HKLM\SYSTEM\CurrentControlSet\Services\MSPCLOCK\Enum
HKLM\SYSTEM\CurrentControlSet\Services\MSPQM\Enum
HKLM\SYSTEM\CurrentControlSet\Services\nmwcd\Enum
HKLM\SYSTEM\CurrentControlSet\Services\nmwcdc\Enum
HKLM\SYSTEM\CurrentControlSet\Services\nmwcdnsu\Enum
HKLM\SYSTEM\CurrentControlSet\Services\NwlnkFlt\Enum
HKLM\SYSTEM\CurrentControlSet\Services\NwlnkFwd\Enum
HKLM\SYSTEM\CurrentControlSet\Services\pccsmcfd\Enum
HKLM\SYSTEM\CurrentControlSet\Services\PCIDump\Enum
HKLM\SYSTEM\CurrentControlSet\Services\PDCOMP\Enum
HKLM\SYSTEM\CurrentControlSet\Services\PDFRAME\Enum
HKLM\SYSTEM\CurrentControlSet\Services\PDRELI\Enum
HKLM\SYSTEM\CurrentControlSet\Services\PDRFRAME\Enum
HKLM\SYSTEM\CurrentControlSet\Services\RDPWD\Enum
HKLM\SYSTEM\CurrentControlSet\Services\s3m\Enum
HKLM\SYSTEM\CurrentControlSet\Services\TDPIPE\Enum
HKLM\SYSTEM\CurrentControlSet\Services\TDTCP\Enum
HKLM\SYSTEM\CurrentControlSet\Services\upperdev\Enum
HKLM\SYSTEM\CurrentControlSet\Services\usbser\Enum
HKLM\SYSTEM\CurrentControlSet\Services\UsbserFilt\Enum
HKLM\SYSTEM\CurrentControlSet\Services\WDICA\Enum
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbmdm6k\Enum
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbnmea\Enum
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbser6k\Enum

Values Added
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\
Microsoft Driver Setup: "C:\WINDOWS\cfdrive32.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
wuaucldt: "c:\windows\system32\wuaucldt.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Microsoft Driver Setup: "C:\WINDOWS\cfdrive32.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Regedit32: "C:\WINDOWS\system32\regedit.exe"
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
Taskman: "C:\Documents and Settings\Administrator\Application Data\ohydy.exe"

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
Bluetooth: "%Temp%\hehfbi.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
1Class1: "%UserProfile%\Application Data\igaul.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
wuaucldt: "%UserProfile%
\wuaucldt.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
12CFG214-K641-12SF-N85P: "C:\RECYCLER\S-1-5-21-xxxxx\vsbntlo.exe"

HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\0000\Control\*NewlyCreated*: 0x00000000
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\0000\Service: "NwlnkFlt"
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\0000\Legacy: 0x00000001
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\0000\ConfigFlags: 0x00000000
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\0000\Class: "LegacyDriver"
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\0000\ClassGUID: "{8ECC055D-047F-11D1-A537-0000F8753ED1}"
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\0000\DeviceDesc: "IPX Traffic Filter Driver"
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NWLNKFLT\NextInstance: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\25125f4\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\25125f4\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\25125f4\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\aec\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\AsyncMac\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\AsyncMac\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\AsyncMac\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\ati2mtag\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\ati2mtag\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\ati2mtag\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\Atmarpc\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Atmarpc\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Atmarpc\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\avfwim\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\avfwim\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\avfwim\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\Cdaudio\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Cdaudio\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Cdaudio\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\Changer\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Changer\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Changer\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\DMusic\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\drmkaud\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\Fdc\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Fdc\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Fdc\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\FETNDIS\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\FETNDIS\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\FETNDIS\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\Flpydisk\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Flpydisk\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Flpydisk\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\gameenum\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\gameenum\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\gameenum\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\i2omgmt\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\i2omgmt\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\i2omgmt\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\Ip6Fw\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Ip6Fw\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Ip6Fw\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\IpFilterDriver\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\IpInIp\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\IpInIp\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\IpInIp\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\IRENUM\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\IRENUM\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\IRENUM\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\kmixer\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\lbrtfdc\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\lbrtfdc\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\lbrtfdc\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\Modem\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Modem\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\Modem\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\MRxDAV\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\MSKSSRV\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\MSKSSRV\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\MSKSSRV\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\MSPCLOCK\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\MSPCLOCK\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\MSPCLOCK\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\MSPQM\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\MSPQM\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\MSPQM\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\nmwcd\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\nmwcd\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\nmwcd\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\nmwcdc\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\nmwcdc\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\nmwcdc\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\nmwcdnsu\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\nmwcdnsu\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\nmwcdnsu\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\NwlnkFlt\Enum\0: "Root\LEGACY_NWLNKFLT\0000"
HKLM\SYSTEM\ControlSet002\Services\NwlnkFlt\Enum\Count: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\NwlnkFlt\Enum\NextInstance: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\NwlnkFwd\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\NwlnkFwd\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\NwlnkFwd\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\pccsmcfd\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\pccsmcfd\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\pccsmcfd\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\PCIDump\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PCIDump\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PCIDump\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\PDCOMP\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PDCOMP\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PDCOMP\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\PDFRAME\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PDFRAME\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PDFRAME\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\PDRELI\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PDRELI\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PDRELI\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\PDRFRAME\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PDRFRAME\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\PDRFRAME\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\RDPWD\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\RDPWD\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\RDPWD\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\s3m\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\s3m\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\s3m\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\114.exe: "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\114.exe:*:C:\WINDOWS\cfdrive32.exe"
HKLM\SYSTEM\ControlSet002\Services\splitter\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\swmidi\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\Tcpip\Parameters\MaxUserPort: 0x0000FFFE
HKLM\SYSTEM\ControlSet002\Services\TDPIPE\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\TDPIPE\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\TDPIPE\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\TDTCP\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\TDTCP\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\TDTCP\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\upperdev\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\upperdev\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\upperdev\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\usbser\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\usbser\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\usbser\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\UsbserFilt\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\UsbserFilt\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\UsbserFilt\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\WDICA\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\WDICA\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\WDICA\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\ZTEusbmdm6k\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\ZTEusbmdm6k\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\ZTEusbmdm6k\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\ZTEusbnmea\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\ZTEusbnmea\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\ZTEusbnmea\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet002\Services\ZTEusbser6k\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\ZTEusbser6k\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet002\Services\ZTEusbser6k\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\0000\Control\*NewlyCreated*: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\0000\Service: "NwlnkFlt"
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\0000\Legacy: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\0000\ConfigFlags: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\0000\Class: "LegacyDriver"
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\0000\ClassGUID: "{8ECC055D-047F-11D1-A537-0000F8753ED1}"
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\0000\DeviceDesc: "IPX Traffic Filter Driver"
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWLNKFLT\NextInstance: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\25125f4\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\25125f4\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\25125f4\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\aec\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\AsyncMac\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\AsyncMac\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\AsyncMac\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\ati2mtag\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\ati2mtag\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\ati2mtag\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\Atmarpc\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Atmarpc\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Atmarpc\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\avfwim\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\avfwim\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\avfwim\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\Cdaudio\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Cdaudio\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Cdaudio\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\Changer\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Changer\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Changer\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\DMusic\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\drmkaud\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\Fdc\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Fdc\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Fdc\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\FETNDIS\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\FETNDIS\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\FETNDIS\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\Flpydisk\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Flpydisk\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Flpydisk\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\gameenum\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\gameenum\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\gameenum\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\i2omgmt\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\i2omgmt\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\i2omgmt\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\Ip6Fw\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Ip6Fw\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Ip6Fw\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\IpFilterDriver\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\IpInIp\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\IpInIp\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\IpInIp\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\IRENUM\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\IRENUM\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\IRENUM\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\kmixer\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\lbrtfdc\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\lbrtfdc\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\lbrtfdc\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\Modem\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Modem\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\Modem\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\MRxDAV\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\MSKSSRV\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\MSKSSRV\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\MSKSSRV\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\MSPCLOCK\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\MSPCLOCK\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\MSPCLOCK\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\MSPQM\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\MSPQM\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\MSPQM\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\nmwcd\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\nmwcd\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\nmwcd\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\nmwcdc\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\nmwcdc\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\nmwcdc\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\nmwcdnsu\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\nmwcdnsu\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\nmwcdnsu\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\NwlnkFlt\Enum\0: "Root\LEGACY_NWLNKFLT\0000"
HKLM\SYSTEM\CurrentControlSet\Services\NwlnkFlt\Enum\Count: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\NwlnkFlt\Enum\NextInstance: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\NwlnkFwd\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\NwlnkFwd\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\NwlnkFwd\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\pccsmcfd\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\pccsmcfd\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\pccsmcfd\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\PCIDump\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PCIDump\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PCIDump\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\PDCOMP\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PDCOMP\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PDCOMP\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\PDFRAME\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PDFRAME\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PDFRAME\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\PDRELI\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PDRELI\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PDRELI\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\PDRFRAME\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PDRFRAME\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\PDRFRAME\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\RDPWD\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\RDPWD\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\RDPWD\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\s3m\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\s3m\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\s3m\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\114.exe: "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\114.exe:*:C:\WINDOWS\cfdrive32.exe"
HKLM\SYSTEM\CurrentControlSet\Services\splitter\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\swmidi\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\MaxUserPort: 0x0000FFFE
HKLM\SYSTEM\CurrentControlSet\Services\TDPIPE\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\TDPIPE\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\TDPIPE\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\TDTCP\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\TDTCP\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\TDTCP\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\upperdev\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\upperdev\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\upperdev\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\usbser\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\usbser\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\usbser\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\UsbserFilt\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\UsbserFilt\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\UsbserFilt\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\WDICA\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\WDICA\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\WDICA\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbmdm6k\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbmdm6k\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbmdm6k\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbnmea\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbnmea\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbnmea\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbser6k\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbser6k\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\ZTEusbser6k\Enum\INITSTARTFAILED: 0x00000001
HKCU\Software\Microsoft\OSVersion: "8108320"

The New York Times Crossword in Gothic

Win32/Bflient.K

No comments:

Post a Comment

Blog Archive