Installation Report: stub
Generated by InCtrl5, version 1.0.0.0
Install program:
C:\Documents and Settings\Kobayashi\Desktop\Stubbos.Bot.Public
Release.Version.1.1.LITE\stub.exe
4/11/2005 3:24 PM
Contents
Registry
Keys ignored: 0
Keys added: 4
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\s
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\s
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\s
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\s
Keys deleted: 4
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\�
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\�
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\�
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\�
Values added: 1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
"C:\Program Files\Port Explorer\PortExplorer.exe"
- Type: REG_SZ
- Data: DiamondCS Port Explorer
Values deleted: 2
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kmixer\Enum "0"
- Type: REG_SZ
- Data:
SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4}
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kmixer\Enum
"0"
- Type: REG_SZ
- Data:
SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4}
Values changed: 13
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
"HRZR_EHACNGU"
- Old type: REG_BINARY
- New type: REG_BINARY
- Old data: 06, 00, 00, 00, EC, 00, 00, 00, 90, A8, A7, F8, E4, 3E,
C5, 01
- New data: 06, 00, 00, 00, EE, 00, 00, 00, C0, 2D, FD, 1A, E5, 3E,
C5, 01
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
"HRZR_EHACNGU:Cbeg Rkcybere.yax"
- Old type: REG_BINARY
- New type: REG_BINARY
- Old data: 01, 00, 00, 00, 08, 00, 00, 00, C0, 14, 06, 6F, 78, EF,
C4, 01
- New data: 06, 00, 00, 00, 08, 00, 00, 00, C0, 8E, D8, 1A, E5, 3E,
C5, 01
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
"HRZR_EHACNGU:P:\Cebtenz Svyrf\Cbeg Rkcybere\CbegRkcybere.rkr"
- Old type: REG_BINARY
- New type: REG_BINARY
- Old data: 01, 00, 00, 00, 08, 00, 00, 00, 90, A1, 58, 6F, 78, EF,
C4, 01
- New data: 06, 00, 00, 00, 08, 00, 00, 00, C0, 2D, FD, 1A, E5, 3E,
C5, 01
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
"HRZR_HVFPHG"
- Old type: REG_BINARY
- New type: REG_BINARY
- Old data: 06, 00, 00, 00, 87, 00, 00, 00, B0, AA, 8A, F8, E4, 3E,
C5, 01
- New data: 06, 00, 00, 00, 88, 00, 00, 00, 20, 08, D7, 1A, E5, 3E,
C5, 01
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG "Seed"
- Old type: REG_BINARY
- New type: REG_BINARY
- Old data: DA, 1F, 8E, 85, D0, 6E, 5D, 1D, 0E, E9, E5, 97, 85, C5,
7F, DF, 20, 90, 1C, D5, C6, 51, B9, D1, 8A, AE, 3A, EF, BB, 29, 99, DB, 9B,
58, 98, 3C, 89, 37, 8C, 51, C0, CF, 6F, 74, 50, 7B, F9, F6, FD, 1D, E2, 63,
7E, A5, 96, 4A, AD, 7D, 09, 74, 48, 32, 61, 0D, B3, 68, 67, BA, C5, A6, DC,
FC, C5, B2, 45, DD, F5, 4A, 57, 45
- New data: 6E, 52, 08, 28, 0D, 3E, 08, 96, A9, 57, 5B, C2, 41, EE,
73, A9, 5A, 31, A2, 7C, AB, 5C, AB, B0, 2B, ED, CF, BE, 9F, 2F, 3E, 53, 50,
61, 29, 94, A3, 20, 6A, E3, 5B, D1, 5A, 8A, 7C, EB, 12, 4A, 5D, 59, 1F, ED,
0F, 61, CD, 2B, 25, 57, 05, 39, CE, AC, B5, 06, 79, DE, B8, 97, 80, C2, 1D,
90, 30, 49, B4, 03, D5, EA, C3, 26
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher
"LastTraceFailure"
- Old type: REG_DWORD
- New type: REG_DWORD
- Old data: 00, 00, 00, 00
- New data: 04, 00, 00, 00
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher
"TracesProcessed"
- Old type: REG_DWORD
- New type: REG_DWORD
- Old data: 00, 00, 00, 00
- New data: 03, 00, 00, 00
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher
"TracesSuccessful"
- Old type: REG_DWORD
- New type: REG_DWORD
- Old data: 00, 00, 00, 00
- New data: 02, 00, 00, 00
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
"Shell"
- Old type: REG_SZ
- New type: REG_SZ
- Old data: Explorer.exe
- New data: explorer.exe stubbish.exe
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kmixer\Enum
"Count"
- Old type: REG_DWORD
- New type: REG_DWORD
- Old data: 01, 00, 00, 00
- New data: 00, 00, 00, 00
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kmixer\Enum
"NextInstance"
- Old type: REG_DWORD
- New type: REG_DWORD
- Old data: 01, 00, 00, 00
- New data: 00, 00, 00, 00
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kmixer\Enum
"Count"
- Old type: REG_DWORD
- New type: REG_DWORD
- Old data: 01, 00, 00, 00
- New data: 00, 00, 00, 00
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kmixer\Enum
"NextInstance"
- Old type: REG_DWORD
- New type: REG_DWORD
- Old data: 01, 00, 00, 00
- New data: 00, 00, 00, 00
To
Contents
Disk contents
Drives tracked: 1
Files added: 1
- c:\WINDOWS\system32\stubbish.exe
- Date: 3/19/2005 5:03 PM
- Size: 49,152 bytes
Files changed: 3
- c:\Documents and Settings\Kobayashi\NTUSER.DAT.LOG
- Old date: 4/11/2005 3:22 PM
- New date: 4/11/2005 3:23 PM
- Old size: 1,024 bytes
- New size: 1,024 bytes
- c:\WINDOWS\Prefetch\PORTEXPLORER.EXE-023DA43F.pf
- Old date: 12/31/2004 1:36 PM
- New date: 4/11/2005 3:23 PM
- Old size: 20,000 bytes
- New size: 23,848 bytes
- c:\WINDOWS\system32\config\software.LOG
- Old date: 4/11/2005 3:22 PM
- New date: 4/11/2005 3:23 PM
- Old size: 1,024 bytes
- New size: 1,024 bytes
To
Contents
INI file
Ini files tracked: 4
- C:\boot.ini
- c:\windows\control.ini
- c:\windows\system.ini
- c:\windows\win.ini
To
Contents
Text file
Text files tracked: 2
- c:\windows\system32\autoexec.nt
- c:\windows\system32\config.nt
To
Contents
InCtrl5, Copyright © 2000 by Ziff Davis Media,
Inc.
Written by Neil J. Rubenking
First published in
PC Magazine, December 5, 2000.