**** Malware_Report_-_Results ****
This report shows all the different areas TAZER analyzes for the sample: Host, Network Activity, and Detection.
Malware Search Criteria: MD5 = 9714a33e01c0a06ddd7a0febfee193ab

**** Malware_Report_-_Results ****
_____________________________________________________________________________________________________________________________________________________________________________________________________________________________________
|File_MD5Sum_____________________|SHA1SUM_________________________________|SHA256SUM_______________________________________________________|FUZZY_HASH______________________________________________________________________|File_Size|
|9714a33e01c0a06ddd7a0febfee193ab|0fec07d758d9c4bcfb0f8259250112093de152e4|87d7ac5388b67542834fa037dece7ea1d4e753fb6910a7b810aca50882c13ee0|1536:imu+IiTtB0WUQPOrrXtJSGqlhfvXeK69iUP4sNjgwN1L5YP0Zz8QADNG2h9AToJS:yenNUQmrrj|111269___|

**** File_Results ****
_________
|File_Name|
|ami.exe__|

**** SNORT_Results ****
___________________________________________
|Snort_Class|Snort_Alert______________|Count|
|N/A________|No_snort_alerts_generated|0____|

**** AV_Results ****
_______________________________
|AV_Alert_____________|AV_Vendor|
|Trojan_______________|Symantec_|
|Generic.dx___________|McAfee___|
|IM-Worm.Win32.Agent.v|Kaspersky|

**** Folders_(Added)_-_ICC_Results ****
________________
|Path|Folder_Name|

**** Files_(Added)_-_ICC_Results ****
__________________________________________________________________________________________________________
|Path________________________________________________|File_Name____________________________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|active_directory.pdf.pif_____________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|Advanced_C++_MFC_Programming_Developer_Studio.pdf.pif|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|ANSYS_training.pif___________________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|BitDefender_serial_number.exe________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|brontok_killer.exe___________________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|cad_safe_matlab_sap_sample.setup.exe_________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|Google_Earth_BZXV.setup.exe__________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|IE7.setup.exe________________________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|kaspersky_activation_key.cmd_________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|microsoft_ASP.NET_training.pif_______________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|microsoft_C#_training.exe____________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|microsoft_MSCE_training.exe__________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|microsoft_NetWorking_training.exe____________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|microsoft_Windows_active_training.pdf.pif____________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|MSproject.exe________________________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|New_Acrobat_professional.pif_________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|nod32_serial_number.cmd______________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|Norton_Ghost.exe_____________________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|Sex_training.dat.pif_________________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|Symantec_serial_number.exe___________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|TCP-IP_&_DNS.pdf.pif_________________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|VB.NET_complete_reference.pdf.pif____________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|visual_c#_complete_reference.pdf.pif_________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|visual_c++_complete_reference.pdf.pif________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|WebShot.scr__________________________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|windows_activation.exe_______________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|windows_server.pdf.cmd_______________________________|
|c:/Program_Files/Adobe/Reader_8.0/Reader/IDTemplates|xnxx.pif_____________________________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|active_directory.pdf.pif_____________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|Advanced_C++_MFC_Programming_Developer_Studio.pdf.pif|
|c:/Program_Files/Common_Files/Microsoft_Shared______|ANSYS_training.pif___________________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|BitDefender_serial_number.exe________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|brontok_killer.exe___________________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|cad_safe_matlab_sap_sample.setup.exe_________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|Google_Earth_BZXV.setup.exe__________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|IE7.setup.exe________________________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|kaspersky_activation_key.cmd_________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|microsoft_ASP.NET_training.pif_______________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|microsoft_C#_training.exe____________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|microsoft_MSCE_training.exe__________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|microsoft_NetWorking_training.exe____________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|microsoft_Windows_active_training.pdf.pif____________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|MSproject.exe________________________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|New_Acrobat_professional.pif_________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|nod32_serial_number.cmd______________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|Norton_Ghost.exe_____________________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|Sex_training.dat.pif_________________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|Symantec_serial_number.exe___________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|TCP-IP_&_DNS.pdf.pif_________________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|VB.NET_complete_reference.pdf.pif____________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|visual_c#_complete_reference.pdf.pif_________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|visual_c++_complete_reference.pdf.pif________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|WebShot.scr__________________________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|windows_activation.exe_______________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|windows_server.pdf.cmd_______________________________|
|c:/Program_Files/Common_Files/Microsoft_Shared______|xnxx.pif_____________________________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|active_directory.pdf.pif_____________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|Advanced_C++_MFC_Programming_Developer_Studio.pdf.pif|
|c:/Program_Files/Movie_Maker/Shared_________________|ANSYS_training.pif___________________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|BitDefender_serial_number.exe________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|brontok_killer.exe___________________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|cad_safe_matlab_sap_sample.setup.exe_________________|
|c:/Program_Files/Movie_Maker/Shared_________________|Google_Earth_BZXV.setup.exe__________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|IE7.setup.exe________________________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|kaspersky_activation_key.cmd_________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|microsoft_ASP.NET_training.pif_______________________|
|c:/Program_Files/Movie_Maker/Shared_________________|microsoft_C#_training.exe____________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|microsoft_MSCE_training.exe__________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|microsoft_NetWorking_training.exe____________________|
|c:/Program_Files/Movie_Maker/Shared_________________|microsoft_Windows_active_training.pdf.pif____________|
|c:/Program_Files/Movie_Maker/Shared_________________|MSproject.exe________________________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|New_Acrobat_professional.pif_________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|nod32_serial_number.cmd______________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|Norton_Ghost.exe_____________________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|Sex_training.dat.pif_________________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|Symantec_serial_number.exe___________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|TCP-IP_&_DNS.pdf.pif_________________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|VB.NET_complete_reference.pdf.pif____________________|
|c:/Program_Files/Movie_Maker/Shared_________________|visual_c#_complete_reference.pdf.pif_________________|
|c:/Program_Files/Movie_Maker/Shared_________________|visual_c++_complete_reference.pdf.pif________________|
|c:/Program_Files/Movie_Maker/Shared_________________|WebShot.scr__________________________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|windows_activation.exe_______________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|windows_server.pdf.cmd_______________________________|
|c:/Program_Files/Movie_Maker/Shared_________________|xnxx.pif_____________________________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|active_directory.pdf.pif_____________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|Advanced_C++_MFC_Programming_Developer_Studio.pdf.pif|
|c:/Program_Files/Mozilla_Firefox/modules____________|ANSYS_training.pif___________________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|BitDefender_serial_number.exe________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|brontok_killer.exe___________________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|cad_safe_matlab_sap_sample.setup.exe_________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|Google_Earth_BZXV.setup.exe__________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|IE7.setup.exe________________________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|kaspersky_activation_key.cmd_________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|microsoft_ASP.NET_training.pif_______________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|microsoft_C#_training.exe____________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|microsoft_MSCE_training.exe__________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|microsoft_NetWorking_training.exe____________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|microsoft_Windows_active_training.pdf.pif____________|
|c:/Program_Files/Mozilla_Firefox/modules____________|MSproject.exe________________________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|New_Acrobat_professional.pif_________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|nod32_serial_number.cmd______________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|Norton_Ghost.exe_____________________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|Sex_training.dat.pif_________________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|Symantec_serial_number.exe___________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|TCP-IP_&_DNS.pdf.pif_________________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|VB.NET_complete_reference.pdf.pif____________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|visual_c#_complete_reference.pdf.pif_________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|visual_c++_complete_reference.pdf.pif________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|WebShot.scr__________________________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|windows_activation.exe_______________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|windows_server.pdf.cmd_______________________________|
|c:/Program_Files/Mozilla_Firefox/modules____________|xnxx.pif_____________________________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|active_directory.pdf.pif_____________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|Advanced_C++_MFC_Programming_Developer_Studio.pdf.pif|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|ANSYS_training.pif___________________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|BitDefender_serial_number.exe________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|brontok_killer.exe___________________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|cad_safe_matlab_sap_sample.setup.exe_________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|Google_Earth_BZXV.setup.exe__________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|IE7.setup.exe________________________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|kaspersky_activation_key.cmd_________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|microsoft_ASP.NET_training.pif_______________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|microsoft_C#_training.exe____________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|microsoft_MSCE_training.exe__________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|microsoft_NetWorking_training.exe____________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|microsoft_Windows_active_training.pdf.pif____________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|MSproject.exe________________________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|New_Acrobat_professional.pif_________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|nod32_serial_number.cmd______________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|Norton_Ghost.exe_____________________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|Sex_training.dat.pif_________________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|Symantec_serial_number.exe___________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|TCP-IP_&_DNS.pdf.pif_________________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|VB.NET_complete_reference.pdf.pif____________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|visual_c#_complete_reference.pdf.pif_________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|visual_c++_complete_reference.pdf.pif________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|WebShot.scr__________________________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|windows_activation.exe_______________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|windows_server.pdf.cmd_______________________________|
|c:/WINDOWS/pchealth/helpctr/Temp____________________|xnxx.pif_____________________________________________|
|c:/WINDOWS/Prefetch_________________________________|SANDNET.EXE-2012C478.pf______________________________|
|c:/WINDOWS/Prefetch_________________________________|SYSTEM.EXE-0B150F3C.pf_______________________________|
|c:/WINDOWS/security/templates_______________________|active_directory.pdf.pif_____________________________|
|c:/WINDOWS/security/templates_______________________|Advanced_C++_MFC_Programming_Developer_Studio.pdf.pif|
|c:/WINDOWS/security/templates_______________________|ANSYS_training.pif___________________________________|
|c:/WINDOWS/security/templates_______________________|BitDefender_serial_number.exe________________________|
|c:/WINDOWS/security/templates_______________________|brontok_killer.exe___________________________________|
|c:/WINDOWS/security/templates_______________________|cad_safe_matlab_sap_sample.setup.exe_________________|
|c:/WINDOWS/security/templates_______________________|Google_Earth_BZXV.setup.exe__________________________|
|c:/WINDOWS/security/templates_______________________|IE7.setup.exe________________________________________|
|c:/WINDOWS/security/templates_______________________|kaspersky_activation_key.cmd_________________________|
|c:/WINDOWS/security/templates_______________________|microsoft_ASP.NET_training.pif_______________________|
|c:/WINDOWS/security/templates_______________________|microsoft_C#_training.exe____________________________|
|c:/WINDOWS/security/templates_______________________|microsoft_MSCE_training.exe__________________________|
|c:/WINDOWS/security/templates_______________________|microsoft_NetWorking_training.exe____________________|
|c:/WINDOWS/security/templates_______________________|microsoft_Windows_active_training.pdf.pif____________|
|c:/WINDOWS/security/templates_______________________|MSproject.exe________________________________________|
|c:/WINDOWS/security/templates_______________________|New_Acrobat_professional.pif_________________________|
|c:/WINDOWS/security/templates_______________________|nod32_serial_number.cmd______________________________|
|c:/WINDOWS/security/templates_______________________|Norton_Ghost.exe_____________________________________|
|c:/WINDOWS/security/templates_______________________|Sex_training.dat.pif_________________________________|
|c:/WINDOWS/security/templates_______________________|Symantec_serial_number.exe___________________________|
|c:/WINDOWS/security/templates_______________________|TCP-IP_&_DNS.pdf.pif_________________________________|
|c:/WINDOWS/security/templates_______________________|VB.NET_complete_reference.pdf.pif____________________|
|c:/WINDOWS/security/templates_______________________|visual_c#_complete_reference.pdf.pif_________________|
|c:/WINDOWS/security/templates_______________________|visual_c++_complete_reference.pdf.pif________________|
|c:/WINDOWS/security/templates_______________________|WebShot.scr__________________________________________|
|c:/WINDOWS/security/templates_______________________|windows_activation.exe_______________________________|
|c:/WINDOWS/security/templates_______________________|windows_server.pdf.cmd_______________________________|
|c:/WINDOWS/security/templates_______________________|xnxx.pif_____________________________________________|
|c:/WINDOWS/system32/config/systemprofile____________|active_directory.pdf.pif_____________________________|
|c:/WINDOWS/system32/config/systemprofile____________|Advanced_C++_MFC_Programming_Developer_Studio.pdf.pif|
|c:/WINDOWS/system32/config/systemprofile____________|ANSYS_training.pif___________________________________|
|c:/WINDOWS/system32/config/systemprofile____________|BitDefender_serial_number.exe________________________|
|c:/WINDOWS/system32/config/systemprofile____________|brontok_killer.exe___________________________________|
|c:/WINDOWS/system32/config/systemprofile____________|cad_safe_matlab_sap_sample.setup.exe_________________|
|c:/WINDOWS/system32/config/systemprofile____________|Google_Earth_BZXV.setup.exe__________________________|
|c:/WINDOWS/system32/config/systemprofile____________|IE7.setup.exe________________________________________|
|c:/WINDOWS/system32/config/systemprofile____________|kaspersky_activation_key.cmd_________________________|
|c:/WINDOWS/system32/config/systemprofile____________|microsoft_ASP.NET_training.pif_______________________|
|c:/WINDOWS/system32/config/systemprofile____________|microsoft_C#_training.exe____________________________|
|c:/WINDOWS/system32/config/systemprofile____________|microsoft_MSCE_training.exe__________________________|
|c:/WINDOWS/system32/config/systemprofile____________|microsoft_NetWorking_training.exe____________________|
|c:/WINDOWS/system32/config/systemprofile____________|microsoft_Windows_active_training.pdf.pif____________|
|c:/WINDOWS/system32/config/systemprofile____________|MSproject.exe________________________________________|
|c:/WINDOWS/system32/config/systemprofile____________|New_Acrobat_professional.pif_________________________|
|c:/WINDOWS/system32/config/systemprofile____________|nod32_serial_number.cmd______________________________|
|c:/WINDOWS/system32/config/systemprofile____________|Norton_Ghost.exe_____________________________________|
|c:/WINDOWS/system32/config/systemprofile____________|Sex_training.dat.pif_________________________________|
|c:/WINDOWS/system32/config/systemprofile____________|Symantec_serial_number.exe___________________________|
|c:/WINDOWS/system32/config/systemprofile____________|TCP-IP_&_DNS.pdf.pif_________________________________|
|c:/WINDOWS/system32/config/systemprofile____________|VB.NET_complete_reference.pdf.pif____________________|
|c:/WINDOWS/system32/config/systemprofile____________|visual_c#_complete_reference.pdf.pif_________________|
|c:/WINDOWS/system32/config/systemprofile____________|visual_c++_complete_reference.pdf.pif________________|
|c:/WINDOWS/system32/config/systemprofile____________|WebShot.scr__________________________________________|
|c:/WINDOWS/system32/config/systemprofile____________|windows_activation.exe_______________________________|
|c:/WINDOWS/system32/config/systemprofile____________|windows_server.pdf.cmd_______________________________|
|c:/WINDOWS/system32/config/systemprofile____________|xnxx.pif_____________________________________________|
|c:/WINDOWS/system32_________________________________|Cexplorer.exe________________________________________|
|c:/WINDOWS/Temp_____________________________________|active_directory.pdf.pif_____________________________|
|c:/WINDOWS/Temp_____________________________________|Advanced_C++_MFC_Programming_Developer_Studio.pdf.pif|
|c:/WINDOWS/Temp_____________________________________|ANSYS_training.pif___________________________________|
|c:/WINDOWS/Temp_____________________________________|BitDefender_serial_number.exe________________________|
|c:/WINDOWS/Temp_____________________________________|brontok_killer.exe___________________________________|
|c:/WINDOWS/Temp_____________________________________|cad_safe_matlab_sap_sample.setup.exe_________________|
|c:/WINDOWS/Temp_____________________________________|Google_Earth_BZXV.setup.exe__________________________|
|c:/WINDOWS/Temp_____________________________________|IE7.setup.exe________________________________________|
|c:/WINDOWS/Temp_____________________________________|kaspersky_activation_key.cmd_________________________|
|c:/WINDOWS/Temp_____________________________________|microsoft_ASP.NET_training.pif_______________________|
|c:/WINDOWS/Temp_____________________________________|microsoft_C#_training.exe____________________________|
|c:/WINDOWS/Temp_____________________________________|microsoft_MSCE_training.exe__________________________|
|c:/WINDOWS/Temp_____________________________________|microsoft_NetWorking_training.exe____________________|
|c:/WINDOWS/Temp_____________________________________|microsoft_Windows_active_training.pdf.pif____________|
|c:/WINDOWS/Temp_____________________________________|MSproject.exe________________________________________|
|c:/WINDOWS/Temp_____________________________________|New_Acrobat_professional.pif_________________________|
|c:/WINDOWS/Temp_____________________________________|nod32_serial_number.cmd______________________________|
|c:/WINDOWS/Temp_____________________________________|Norton_Ghost.exe_____________________________________|
|c:/WINDOWS/Temp_____________________________________|Sex_training.dat.pif_________________________________|
|c:/WINDOWS/Temp_____________________________________|Symantec_serial_number.exe___________________________|
|c:/WINDOWS/Temp_____________________________________|TCP-IP_&_DNS.pdf.pif_________________________________|
|c:/WINDOWS/Temp_____________________________________|VB.NET_complete_reference.pdf.pif____________________|
|c:/WINDOWS/Temp_____________________________________|visual_c#_complete_reference.pdf.pif_________________|
|c:/WINDOWS/Temp_____________________________________|visual_c++_complete_reference.pdf.pif________________|
|c:/WINDOWS/Temp_____________________________________|WebShot.scr__________________________________________|
|c:/WINDOWS/Temp_____________________________________|windows_activation.exe_______________________________|
|c:/WINDOWS/Temp_____________________________________|windows_server.pdf.cmd_______________________________|
|c:/WINDOWS/Temp_____________________________________|xnxx.pif_____________________________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|active_directory.pdf.pif_____________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|Advanced_C++_MFC_Programming_Developer_Studio.pdf.pif|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|ANSYS_training.pif___________________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|BitDefender_serial_number.exe________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|brontok_killer.exe___________________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|cad_safe_matlab_sap_sample.setup.exe_________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|Google_Earth_BZXV.setup.exe__________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|IE7.setup.exe________________________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|kaspersky_activation_key.cmd_________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|microsoft_ASP.NET_training.pif_______________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|microsoft_C#_training.exe____________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|microsoft_MSCE_training.exe__________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|microsoft_NetWorking_training.exe____________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|microsoft_Windows_active_training.pdf.pif____________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|MSproject.exe________________________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|New_Acrobat_professional.pif_________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|nod32_serial_number.cmd______________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|Norton_Ghost.exe_____________________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|Sex_training.dat.pif_________________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|Symantec_serial_number.exe___________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|TCP-IP_&_DNS.pdf.pif_________________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|VB.NET_complete_reference.pdf.pif____________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|visual_c#_complete_reference.pdf.pif_________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|visual_c++_complete_reference.pdf.pif________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|WebShot.scr__________________________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|windows_activation.exe_______________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|windows_server.pdf.cmd_______________________________|
|c:/WINDOWS/WinSxS/InstallTemp_______________________|xnxx.pif_____________________________________________|
|c:/WINDOWS__________________________________________|java.exe_____________________________________________|
|c:__________________________________________________|active.exe___________________________________________|
|c:__________________________________________________|ebook.cmd____________________________________________|
|c:__________________________________________________|netstat_post.txt_____________________________________|
|c:__________________________________________________|patch.exe____________________________________________|
|c:__________________________________________________|sex.com.exe__________________________________________|
|c:__________________________________________________|system.exe___________________________________________|
|c:__________________________________________________|taskv_post.txt_______________________________________|
|c:__________________________________________________|WebShot.scr__________________________________________|
|c:__________________________________________________|Win32.sys____________________________________________|
|c:__________________________________________________|Winrar.sys___________________________________________|
|c:__________________________________________________|xnxx.pdf.pif_________________________________________|

**** Files_(Deleted)_-_ICC_Results ****
_____________________
|Action|Path|File_Name|

**** Files_(Changed)_-_ICC_Results ****
________________________________________________________________________________________________________________________
|Action__|Path__________________________________________________________________________________|File_Name_______________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|HSTART.EXE-221D72BF.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/system32/config____________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config____________________________________________________________|SysEvent.Evt____________|
|modified|c:/WINDOWS/system32/config____________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/drivers/etc_______________________________________________________|hosts___________________|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________| |modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________| |modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________| |modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________| **** Registry_Keys_(Added)_-_ICC_Results **** ___________ |Action|Path| **** Registry_Values_(Added)_-_ICC_Results **** _____________________________ |Action|Path|Val_Name|Val_Data| **** Registry_Values_(Deleted)_-_ICC_Results **** ________________________________________________________________ |Action|Path|Val_Name|Val_Type|Mod_Val_Type|Val_Data|Mod_Val_Data| **** Registry_Values_(Changed)_-_ICC_Results **** ______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________ |Action__|Path____________________________________________________________________________________________________________________|Val_Name___________|Val_Data________________________________________________________________________|Mod_Val_Data___________________________________________________________________| |modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|F3_AA_0C_93_1E_D1_49_5E_0B_9E_40_B1_DD_4F_A4_97_27_71_F1_A1_B7_06_2E_A1_2A_45_A3|EC_AC_2E_42_CB_1B_34_FA_80_94_1C_35_D0_87_08_E0_2A_4E_13_74_A9_66_4F_5E_35_FA_8| 
|modified|HKLM/SOFTWARE/Microsoft/Ole_____________________________________________________________________________________________|EnableDCOM_________|"Y"_____________________________________________________________________________|4E_00_00_00____________________________________________________________________|
|modified|HKLM/SYSTEM/ControlSet001/Control/ComputerName/ComputerName_____________________________________________________________|ComputerName_______|"DMC73144"______________________________________________________________________|79_64_66_65____________________________________________________________________|
|modified|HKLM/SYSTEM/ControlSet001/Services/SharedAccess_________________________________________________________________________|Start______________|0x00000002______________________________________________________________________|0x00000004_____________________________________________________________________|
|modified|HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch___________________________________________________________________|Epoch______________|0x00000104______________________________________________________________________|0x00000105_____________________________________________________________________|
|modified|HKLM/SYSTEM/CurrentControlSet/Control/ComputerName/ComputerName_________________________________________________________|ComputerName_______|"DMC73144"______________________________________________________________________|79_64_66_65____________________________________________________________________|
|modified|HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess_____________________________________________________________________|Start______________|0x00000002______________________________________________________________________|0x00000004_____________________________________________________________________|
|modified|HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch_______________________________________________________________|Epoch______________|0x00000104______________________________________________________________________|0x00000105_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|

**** DNS_Results ****
________________
|DNS|DNS_Response|

**** URL_Results ****
______________________________________________________________________________
|DstIP__________|HTTP_HOST___________|HTTP_REQUEST_URI|HTTP_USER_AGENT|PROTOCOL|
|239.255.255.250|239.255.255.250:1900|*_______________|--blank--______|0x11____|

**** ARGUS_PROTOCOL_Results ****
______________________________________________
|PROTOCOL|SRC_PKTS|DST_PKTS|SRC_BYTES|DST_BYTES|
|17______|2_______|0_______|350______|0________|

**** ARGUS_DPORT_Results ****
____________________________________________________
|DPORT|PROTOCOL|SRC_PKTS|DST_PKTS|SRC_BYTES|DST_BYTES|
|1900_|17______|2_______|0_______|350______|0________|

**** ARGUS_DATA_Results ****
________________________________________________________________________________________
|Time____|Date______|Protocol|SrcIP_____|DstIP__________|Dir|Flags|Sport|Dport|Pkts|Bytes|
|13:42:04|2011-07-10|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|

**** Packer_Results ****
___________
|Packer_Name|

**** HoneyTrap_Results ****
____________________________
|Honey_Trap_Log_File_Location|

**** PTFB_Results ****
______________________
|PTFB_Log_File_Location|