;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-06-10 06:06:21
PROTECTIONS: 1
MALWARE: 35
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
McAfee VirusScan No Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00003992 spyware/adclicker Spyware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00110011-4b0b-44d5-9718-90c88817369b}
00013512 adware/searchaid Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{587DBF2D-9145-4C9E-92C2-1F953DA73773}
00013512 adware/searchaid Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6cc1c91a-ae8b-4373-a5b4-28ba1851e39a}
00029036 adware/superspider Adware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{467FAEB2-5F5B-4C81-BAE0-2A4752CA7F4E}
00029036 adware/superspider Adware No 1 Yes No c:\windows\mssys.exe
00029343 adware/mssearch Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fd9bc004-8331-4457-b830-4759ff704c22}
00029343 adware/mssearch Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e2ddf680-9905-4dee-8c64-0a5de7fe133c}
00035633 adware/cws.nfo Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E3EEBBE8-9CAB-4C76-B26A-747E25EBB4C6}
00036156 adware/winres Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2D38A51A-23C9-48a1-A33C-48675AA2B494}
00039204 adware/cws Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17da0c9e-4a27-4ac5-bb75-5d24b8cdb972}
00039204 adware/cws Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2}
00039204 adware/cws Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{150fa160-130d-451f-b863-b655061432ba}
00039204 adware/cws Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bc97b254-b2b9-4d40-971d-78e0978f5f26}
00040007 adware/cws.yexe Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5321E378-FFAD-4999-8C62-03CA8155F0B3}
00103389 adware/noname Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cf021f40-3e14-23a5-cba2-717765721306}
00110532 spyware/clientman Spyware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@trafficmp[2].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@casalemedia[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@atdmt[2].txt
00139535 Application/Processor HackTools No 0 Yes No C:\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Desktop\Stuff\New Folder\SmitfraudFix\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\system32\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\SDFix\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Program Files\America Online 9.0\download\SmitfraudFix\Process.exe
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@fastclick[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@mediaplex[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt [email protected][2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00023441
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@apmebf[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@advertising[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt [email protected][1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@questionmarket[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@zedo[2].txt
00177226 spyware/lefeat Spyware No 1 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B847676D-72AC-4393-BFFF-43A1EB979352}
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt cole@adrevolver[1].txt
00218977 adware/affilred Adware No 0 Yes No c:\windows\msupdate.exe
00219327 adware/conspy Adware No 0 Yes No c:\windows\editpad.exe
00219327 adware/conspy Adware No 0 Yes No c:\windows\waol.exe
00226936 adware/cws.payfortraffic Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98DBBF16-CA43-4c33-BE80-99E6694468A4}
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\John Owen Burt Cole\Cookies\john owen burt [email protected][2].txt
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Documents and Settings\John Owen Burt Cole\Desktop\Stuff\New Folder\SmitfraudFix\Reboot.exe
02887699 Spyware/Virtumonde Spyware No 1 Yes No C:\QooBox\Quarantine\catchme2008-01-01_185915.48.zip[yayxvuu.dll]
02893747 Adware/VapSup Adware No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\ensfolr.dll.vir
02915730 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Documents and Settings\John Owen Burt Cole\Desktop\Stuff\New Folder\SmitfraudFix.exe
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================