39292.exe (civilwar.exe)

39292.exe (civilwar.exe) is an adware bundler that installs other adware with itself like Adware-GAIN (Claria). The Adware that it installs with itself may download and displays advertisements.

General information:

Malware Name:	39292.exe (civilwar.exe)
Malware Type:	Adware Bundler
Company Name:	screensandthemes.com
Company URL:	http://www.screensandthemes.com/
Threat Level:	Low Risk
Operating System:	WIN XP
Installation Type:	Installed through EXE
Operation:	Time of After Installation

Company Description:

screensandthemes.com provides you the software 39292.exe (civilwar.exe) that shows you pictures of the well known Officers of the Civil War era, all on beautiful backgrounds, fade in and out with lovely transitions.

Spyware Description:

39292.exe (civilwar.exe) is an adware bundler that installs other adware with itself like Adware-GAIN (Claria). The Adware that it installs with itself may download and displays advertisements.

Characteristics/Symptoms:

    -> It installs other adware with itself like Adware-GAIN (Claria). -> The Adware that it installs with itself may download and displays advertisements.

Additional information might be found here:

	Search at Google for 39292.exe (civilwar.exe)
	Search at Bing for 39292.exe (civilwar.exe)
	Search at Yahoo for 39292.exe (civilwar.exe)

Processes Running:

39292.scr

File information Created after Installation:

File Location	Size (Bytes)	Type
C:\Documents and Settings\[USER]\Start Menu\Programs\screensandthemes\Uninstall 39292.exe.lnk	1618	Shortcut
C:\WINDOWS\39292.scr	2211017	Screen Saver
C:\WINDOWS\iGator\trickler3103_pic_fs_dmpt_3103.exe	209097	Application

Folder information Created after Installation:

Folder Location
C:\Documents and Settings\[USER]\Start Menu\Programs\screensandtheme
C:\WINDOWS\iGato

Registry information Created after Installation: