;***********************************************************************************************************************
ANALYSIS: 2008-05-18 23:36:20
PROTECTIONS: 1
MALWARE: 12
SUSPECTS: 1
;***********************************************************************************************************************
PROTECTIONS
Description               Version   Active    Updated
;=======================================================================================================================
AVG Anti-Virus            8.0       Yes       Yes
;=======================================================================================================================
MALWARE
Id        Description             Type            Active  Severity  Disinfectable  Disinfected  Location
;=======================================================================================================================
00035722  adware/comet            Adware          No      0         Yes            No           HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D49E9D35-254C-4c6a-9D17-95018D228FF5}
00035722  adware/comet            Adware          No      0         Yes            No           HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}
00107107  Trj/Downloader.KY       Virus/Trojan    No      0         Yes            No           C:\Softwares\SourceInsight\SourceInsight.zip[SourceInsight/crack/run.exe]
00107107  Trj/Downloader.KY       Virus/Trojan    No      0         Yes            No           C:\Softwares\SourceInsight\SourceInsight.zip[SourceInsight/crack.zip][run.exe]
00107107  Trj/Downloader.KY       Virus/Trojan    No      0         Yes            No           C:\Softwares\SourceInsight\SourceInsight\crack.zip[run.exe]
00107107  Trj/Downloader.KY       Virus/Trojan    No      0         Yes            No           C:\Softwares\SourceInsight\SourceInsight\crack\run.exe
00139061  Cookie/Doubleclick      TrackingCookie  No      0         Yes            No           C:\Documents and Settings\Kunal\Cookies\kunal@doubleclick[1].txt
00139535  Application/Processor   HackTools       No      0         Yes            No           C:\Documents and Settings\Kunal\Desktop\smitRem.exe[smitRem/Process.exe]
00139535  Application/Processor   HackTools       No      0         Yes            No           C:\System Volume Information\_restore{6D05FAB2-7A62-4A96-A638-2F0B6A273527}\RP547\A0048620.exe[smitRem/Process.exe]
00139535  Application/Processor   HackTools       No      0         Yes            No           C:\System Volume Information\_restore{6D05FAB2-7A62-4A96-A638-2F0B6A273527}\RP547\A0048625.exe
00139535  Application/Processor   HackTools       No      0         Yes            No           C:\Documents and Settings\Kunal\Desktop\smitRem\Process.exe
01303739  Trj/Downloader.MDW      Virus/Trojan    No      1         No             No           C:\1A6.tmp[BndDrive.dll]
02886406  Adware/Amera            Adware          No      0         No             No           C:\1A6.tmp[ISMModule2.exe]
02886407  Application/DownAndRun  HackTools       No      0         No             No           C:\1A6.tmp[bndloader.exe]
02886408  Trj/Downloader.RQM      Virus/Trojan    No      1         Yes            No           C:\1A6.tmp
02887265  Adware/Adband           Adware          No      0         No             No           C:\1A6.tmp[ism.exe]
02938327  Adware/WinIFixer        Adware          No      0         Yes            No           C:\Documents and Settings\Kunal\Local Settings\Temp\.ttA.tmp
02942972  Application/ErrorSafe   HackTools       No      0         No             No           C:\Documents and Settings\Kunal\Local Settings\Temp\.ttA.tmp[WinIFixer.exe]
02980927  Generic Trojan          Virus/Trojan    Yes     0         No             No           C:\WINDOWS\SYSTEM32\CTFMONA.EXE
;=======================================================================================================================
SUSPECTS
Sent      Location
;=======================================================================================================================
No        C:\PROGRAM FILES\ASKSBAR\SRCHASTT\1.BIN\A2SRCHAS.DLL
;=======================================================================================================================
VULNERABILITIES
Id        Severity  Description
;=======================================================================================================================
;=======================================================================================================================