;****************************************************************************************************
ANALYSIS: 2008-05-22 06:52:13
PROTECTIONS: 1
MALWARE: 3
SUSPECTS: 7
;****************************************************************************************************
PROTECTIONS
Description                            Version       Active   Updated
;====================================================================================================
Symantec AntiVirus Corporate Edition   10.0.1.1000   No       Yes
;====================================================================================================
MALWARE
Id         Description             Type           Active   Severity   Disinfectable   Disinfected   Location
;====================================================================================================
00523358   Application/ViewPoint   HackTools      No       0          No              No            C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Manager\Downloads\ViewpointSearchBar\Exec.exe[ViewBarBHO.dll]
01048987   Generic Malware         Virus/Trojan   No       0          No              No            C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Manager\Downloads\ViewpointSearchBar\Exec.exe[ViewBar.dll]
02904057   W32/Autorun.QV.worm     Virus/Worm     No       0          Yes             No            C:\Misc\Adobe Reader\v7.0.0\files\InstallAdobe70.exe
;====================================================================================================
SUSPECTS
Sent   Location KR
;====================================================================================================
No     C:\WINDOWS\SYSTEM32\SVCHOST.EXE KR
No     C:\Documents and Settings\gallikem\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.99419
No     C:\Documents and Settings\gallikem\Local Settings\Temporary Internet Files\Content.IE5\42SQMKEP\down[1].exe
No     C:\Documents and Settings\gallikem\Local Settings\Temporary Internet Files\Content.IE5\9PL9XF2T\down[1].exe
No     C:\Documents and Settings\gallikem\Local Settings\Temporary Internet Files\Content.IE5\9WSLNQNZ\down[1].exe
No     C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRYNI1QF\down[1].exe
No     C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRYNI1QF\down[2].exe
;====================================================================================================
VULNERABILITIES
Id       Severity   Description KR
;====================================================================================================
164915   HIGH       MS07-035 KR
164911   HIGH       MS07-031 KR
157262   HIGH       MS07-022 KR
157261   HIGH       MS07-021 KR
157260   HIGH       MS07-020 KR
157259   HIGH       MS07-019 KR
156477   HIGH       MS07-017 KR
150249   HIGH       MS07-013 KR
150248   HIGH       MS07-012 KR
150247   HIGH       MS07-011 KR
150243   HIGH       MS07-008 KR
150242   HIGH       MS07-007 KR
150241   MEDIUM     MS07-006 KR
141034   HIGH       MS06-076 KR
141033   MEDIUM     MS06-075 KR
137571   HIGH       MS06-070 KR
133387   MEDIUM     MS06-065 KR
133386   MEDIUM     MS06-064 KR
133385   MEDIUM     MS06-063 KR
133379   HIGH       MS06-057 KR
129977   MEDIUM     MS06-053 KR
129976   MEDIUM     MS06-052 KR
126093   HIGH       MS06-051 KR
126092   MEDIUM     MS06-050 KR
126087   HIGH       MS06-046 KR
126082   HIGH       MS06-041 KR
126081   HIGH       MS06-040 KR
123421   HIGH       MS06-036 KR
123420   HIGH       MS06-035 KR
120823   MEDIUM     MS06-030 KR
120818   HIGH       MS06-025 KR
120815   HIGH       MS06-022 KR
117384   MEDIUM     MS06-018 KR
114666   HIGH       MS06-015 KR
108744   MEDIUM     MS06-008 KR
108742   MEDIUM     MS06-006 KR
104567   HIGH       MS06-002 KR
96574    HIGH       MS05-053 KR
93395    HIGH       MS05-051 KR
93454    MEDIUM     MS05-049 KR
;====================================================================================================