Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Need help removing virus/malware on my computer.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby josec » September 14th, 2007, 1:29 pm

KASPERSKY ONLINE SCANNER REPORT
Thursday, September 13, 2007 10:55:53 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 14/09/2007
Kaspersky Anti-Virus database records: 418126
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
H:\
Scan Statistics
Total number of scanned objects 113423
Number of viruses found 12
Number of infected objects 143
Number of suspicious objects 147
Duration of the scan process 04:25:39

Infected Object Name Virus Name Last Action
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash/[From taisha15 ][Date Date header was inserted by SMTP.Prodigy.Net.mx]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash/[From taisha15 ][Date Date header was inserted by SMTP.Prodigy.Net.mx]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash Mail Berkeley mbox: suspicious - 2 skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jer ... /[From "Jon Crump /(DGWEB TECHNICAL SUPPORT/)" ][Date Fri, 16 Aug 2002 15:04:51 -0700]/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[Fro ... /[From Sylvia ][Date Thu, 15 Aug 2002 14:05:36 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[From Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini ... /[From marthayourd ][Date Tue, 20 Aug 2002 22:59:45 -0400 (EDT ... /html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini ... /[From marthayourd ][Date Tue, 20 Aug 2002 22:59:45 -0400 (EDT)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Tue, 20 Aug 2002 13:45:38 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Mon, 19 Aug 2002 17:02:26 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Mon, 19 Aug 2002 15:09:21 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Mon, 19 Aug 2002 08:42:17 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream. ... /[From nicpipkin ][Date Mon, 26 Aug 2002 06:04:44 -050 ... /html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbell ... /[From computersolutions ][Date Mon, 26 Aug 2002 19:08:05 -0500]/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Mor ... /[From letmepamperu@juno.com][Date Wed, 4 Sep 2002 21:57:10 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morrison" ][Date Wed, 4 Sep 2002 22:10:46 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morrison" ][Date Wed, 4 Sep 2002 14:31:30 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morr ... /[From letmepamperu@juno.com][Date Wed, 4 Sep 2002 11:57:26 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morrison" ][Date Fri, 30 Aug 2002 21:09:53 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From " ... /[From "Elena Barron" ][Date Mon, 26 Aug 2002 18:42:30 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Sheri Atkinson" ][Date Mon, 26 Aug 2002 09:25:42 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream. ... /[From nicpipkin ][Date Mon, 26 Aug 2002 06:04:44 -0500]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Fri, 23 Aug 2002 14:59:30 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Fri, 23 Aug 2002 14:00:09 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Fri, 23 Aug 2002 13:40:31 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Thu, 22 Aug 2002 13:59:00 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Thu, 22 Aug 2002 13:43:13 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Thu, 22 Aug 2002 08:29:53 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 21 Aug 2002 21:45:21 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jer ... /[From "Jon Crump /(DGWEB TECHNICAL SUPPORT/)" ][Date Sun, 18 Aug 2002 12:57:14 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[From ][Date Wed, 14 Aug 2002 12:32:12 -0400]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[From Jerry Jozwiak ][Date Tue, 13 Aug 2002 19:28:52 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[From "Tappan/Morrison" ][Date Mon, 12 Aug 2002 22:26:40 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Sun, 11 Aug 2002 22:42:42 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Sun, 11 Aug 2002 14:11:20 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Sun, 11 Aug 2002 13:15:54 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Wed, 07 Aug 2002 15:18:31 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 ... /[From "Diane Kradel ][Date Mon, 13 Jan 2003 15:36:13 --0800]/Movie_0074.mpeg.pi Infected: Email-Worm.Win32.Sobig.a skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 ... /[From "Diane Kradel Infected: Email-Worm.Win32.Sobig.a skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 ... /[From "Diane Kradel " ][Date Mon, 13 Jan 2003 16:50:29 -0000]/text Infected: Email-Worm.Win32.Sobig.a skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 -0800 (Pacific Standard Time)]/UNNAMED Infected: Email-Worm.Win32.Sobig.a skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text Infected: Email-Worm.Win32.Sobig.a skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text Infected: Email-Worm.Win32.Sobig.a skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text Infected: Email-Worm.Win32.Sobig.a skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" ][Date Tue, 2 Mar 2004 18:38:36 -0800]/text Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" ][Date Tue, 2 Mar 2004 14:47:14 -0600 (CST)]/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson ... /[From TWTMHighSchool Moderator ][Date 4 May 2004 02:39:06 -0000]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Mon, 3 May 2004 14:15:16 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Sun, 2 May 2004 17:54:16 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Fri, 30 Apr 2004 13:05:47 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Tue, 27 Apr 2004 13:06:34 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Thu, 5 Feb 2004 08:36:27 -0800]/text Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox Mail Berkeley mbox: infected - 21, suspicious - 44 skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From carolyn.dc@juno.com][Date Tue, 2 Mar 2004 14:04:04 -0800]/talk_msg.zip/talk_msg.exe Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From carolyn.dc@juno.com][Date Tue, 2 Mar 2004 14:04:04 -0800]/talk_msg.zip Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From 166522828@snj-us-pcwp-702.kodak.com][Date Tue, 2 Mar 2004 18:17:51 -0800]/material.rtf.scr Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 2004 13:50:13 -0800]/UNNAMED/party.zip/party.doc.pif Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 2004 13:50:13 -0800]/UNNAMED/party.zip Infected: Email-Worm.Win32.NetSky.c skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner ][Date Wed, 14 Apr 2004 15:18:58 -0700 (PDT)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr ... /[From Mail Delivery Subsyste ... /[From smithersd@juno.com][Date Mon, 12 Apr 2004 21:21:23 -0800]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr ... /[From Mail Delivery Subsystem ][Date Fri, 5 Mar 2004 21:12:18 -0500 (EST)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 20 ... /[From Sylvia ][Date Fri, 05 Mar 2004 18:21:57 -0800]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 20 ... /[From Lisa Eastman ][Date Wed, 3 Mar 2004 17:16:52 -0800]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 2004 13:50:13 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\Den Computer\Den E-Drive\Saved 5-14-04\mozllia\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Trash Mail Berkeley mbox: infected - 10, suspicious - 9 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip/v1.8.1/wbuninst.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-09-13_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Log.LiveUpdate Object is locked skipped
C:\Documents and Settings\Jose\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped
C:\Documents and Settings\Jose\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log Object is locked skipped
C:\Documents and Settings\Jose\Application Data\GTek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAgnt.log Object is locked skipped
C:\Documents and Settings\Jose\Application Data\GTek\GTUpdate\AUpdate\DellSupport\glog.log Object is locked skipped
C:\Documents and Settings\Jose\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Musicmatch\Jukebox\mmjbaltlog.txt Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Musicmatch\Jukebox\mmjblog.txt Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Musicmatch\MIM\Database\Default.ldb Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Musicmatch\MIM\Database\Default.mdb Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\History\History.IE5\MSHist012007091320070914\index.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Temp\JET99AB.tmp Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Temp\~DF3161.tmp Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jose\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Jose\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsys.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\016F702E Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\018A4011/[From ggotony@wmconnect.com][Date Mon, 9 Aug 2004 23:42:24 -0700]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\018A4011/[From ggotony@wmconnect.com][Date Mon, 9 Aug 2004 23:42:24 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\018A4011 Mail: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\018A4011 CryptFF: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\091C0D63 Infected: Email-Worm.Win32.Mydoom.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\098876EC Infected: Email-Worm.Win32.Mydoom.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE03418 Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\108653DB/data.rtf .scr Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\108653DB ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\108653DB CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\15B85020.tmp/Notice.txt .exe Infected: Email-Worm.Win32.NetSky.aa skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\15B85020.tmp ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\15B85020.tmp CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\18775F65 Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\18955944/[From 3dkattalk@sbcglobal.net][Date Wed, 11 Aug 2004 20:00:30 -0700]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\18955944/[From 3dkattalk@sbcglobal.net][Date Wed, 11 Aug 2004 20:00:30 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\18955944 Mail: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\18955944 CryptFF: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\19046CCA Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\191114BC/[From jenig@igarashi.us][Date Thu, 12 Aug 2004 00:03:07 -0700]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\191114BC/[From jenig@igarashi.us][Date Thu, 12 Aug 2004 00:03:07 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\191114BC Mail: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\191114BC CryptFF: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\279A4571 Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27AE415B/[From sandy1day@charter.net][Date Tue, 7 Sep 2004 02:15:35 -0700]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27AE415B/[From sandy1day@charter.net][Date Tue, 7 Sep 2004 02:15:35 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27AE415B Mail: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27AE415B CryptFF: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2FA83D52/data.rtf .scr Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2FA83D52 ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2FA83D52 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\300454ED Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30214ECD/[From esquared@eckhardts.com][Date Sun, 8 Aug 2004 20:23:57 -0700]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30214ECD/[From esquared@eckhardts.com][Date Sun, 8 Aug 2004 20:23:57 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30214ECD Mail: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30214ECD CryptFF: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\315D2B8D/[From postmaster@hotmail.com][Date Wed, 4 May 2005 21:11:12 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\315D2B8D Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\315D2B8D CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\31B26F2F/[From postmaster@hotmail.com][Date Wed, 4 May 2005 21:11:13 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\31B26F2F Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\31B26F2F CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\31E03AFD/[From postmaster@hotmail.com][Date Wed, 4 May 2005 21:11:13 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\31E03AFD Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\31E03AFD CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\321130C7/[From postmaster@hotmail.com][Date Wed, 4 May 2005 21:11:13 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\321130C7 Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\321130C7 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3270725F/[From postmaster@hotmail.com][Date Wed, 4 May 2005 21:11:13 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3270725F Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3270725F CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\329D3E2D/[From postmaster@hotmail.com][Date Wed, 4 May 2005 21:11:13 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\329D3E2D Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\329D3E2D CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32CB09FA/[From postmaster@hotmail.com][Date Wed, 4 May 2005 21:11:13 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32CB09FA Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32CB09FA CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32F955C8/[From postmaster@hotmail.com][Date Wed, 4 May 2005 21:11:13 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32F955C8 Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32F955C8 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33726743/[From postmaster@hotmail.com][Date Wed, 4 May 2005 21:11:13 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33726743 Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33726743 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33AD5B02/[From postmaster@hotmail.com][Date Thu, 5 May 2005 09:12:18 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33AD5B02 Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33AD5B02 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3EC36CB3 Infected: Email-Worm.Win32.NetSky.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\410C57DC Infected: Email-Worm.Win32.Mydoom.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\417E155E Infected: Email-Worm.Win32.Mydoom.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\41C30712 Infected: Email-Worm.Win32.Mydoom.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\41F47CDC Infected: Email-Worm.Win32.Mydoom.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\42426C86 Infected: Email-Worm.Win32.Mydoom.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4269645B Infected: Email-Worm.Win32.Mydoom.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45516F7C.tmp Infected: Email-Worm.Win32.Mydoom.l skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\657B7C4F Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\658F783A/[From bethhummel@comcast.net][Date Wed, 18 Aug 2004 00:46:52 -0700]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\658F783A/[From bethhummel@comcast.net][Date Wed, 18 Aug 2004 00:46:52 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\658F783A Mail: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\658F783A CryptFF: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\65AC7219/details.txt .pif Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\65AC7219 ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\65AC7219 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\65C641FD Infected: Email-Worm.Win32.NetSky.d skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\65EE39D1/details.txt .pif Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\65EE39D1 ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\65EE39D1 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\66250394/data.rtf .scr Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\66250394 ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\66250394 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\66502566 Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\66534F62/[From auto-000060224554@mh1-clt.711.net][Date Fri, 20 Aug 2004 12:08:32 -0700]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\66534F62/[From auto-000060224554@mh1-clt.711.net][Date Fri, 20 Aug 2004 12:08:32 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\66534F62 Mail: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\66534F62 CryptFF: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\676D15E7/document.txt .exe Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\676D15E7 ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\676D15E7 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\711C4C13 Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71506BD9/[From lisab@tosmag.com][Date Sun, 22 Aug 2004 10:25:34 -0700]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71506BD9/[From lisab@tosmag.com][Date Sun, 22 Aug 2004 10:25:34 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71506BD9 Mail: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71506BD9 CryptFF: suspicious - 2 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\76091050 Infected: Email-Worm.Win32.NetSky.d skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\767C7A9F/data.rtf .scr Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\767C7A9F ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\767C7A9F CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\780E7FC2/[From postmaster@hotmail.com][Date Thu, 5 May 2005 21:11:23 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\
josec
Regular Member
 
Posts: 17
Joined: September 5th, 2007, 4:03 pm
Advertisement
Register to Remove

Unread postby josec » September 14th, 2007, 1:36 pm

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\780E7FC2/[From postmaster@hotmail.com][Date Thu, 5 May 2005 21:11:23 -0700]/our_secret.zip Infected: Email-Worm.Win32.Sober.p skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\780E7FC2 Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\780E7FC2 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\787868B9/[From mjclimo@aol.com][Date Wed, 27 Oct 2004 12:47:27 -0700]/your_picture.pif Infected: Email-Worm.Win32.NetSky.d skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\787868B9 Mail: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\787868B9 CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7C2E5A33.tmp/details.txt .pif Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7C2E5A33.tmp ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7C2E5A33.tmp CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7CAE27AE/data.rtf .scr Infected: Email-Worm.Win32.NetSky.q skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7CAE27AE ZIP: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7CAE27AE CryptFF: infected - 1 skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP11\change.log Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP7\A0004409.exe Infected: Trojan.Win32.BHO.ab skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash/[From taisha15 ][Date Date header was inserted by SMTP.Prodigy.Net.mx]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash/[From taisha15 ][Date Date header was inserted by SMTP.Prodigy.Net.mx]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash Mail Berkeley mbox: suspicious - 2 skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash.sbd\Church.sbd\Nomination committee.sbd\2004/[From Mjnchls9@aol.com][Date Mon, 7 Jun 2004 20:09:41 EDT]/UNNAMED/[From "Corona. Jose (MSA)" ][Date Mon, 21 Jun 2004 20:37:20 -0700]/UNNAMED/[From "DennisJGottier Gottier" ][Date Tue, 22 Jun 2004 07:18:27 -0700]/html/[From "Brucelofgren" ][Date Thu, 29 Jul 2004 19:22:49 -0800]/html Suspicious: Email-Worm.Win32.Bagle.mail skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash.sbd\Church.sbd\Nomination committee.sbd\2004/[From Mjnchls9@aol.com][Date Mon, 7 Jun 2004 20:09:41 EDT]/UNNAMED/[From "Corona. Jose (MSA)" ][Date Mon, 21 Jun 2004 20:37:20 -0700]/UNNAMED/[From "DennisJGottier Gottier" ][Date Tue, 22 Jun 2004 07:18:27 -0700]/html Suspicious: Email-Worm.Win32.Bagle.mail skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash.sbd\Church.sbd\Nomination committee.sbd\2004/[From Mjnchls9@aol.com][Date Mon, 7 Jun 2004 20:09:41 EDT]/UNNAMED/[From "Corona. Jose (MSA)" ][Date Mon, 21 Jun 2004 20:37:20 -0700]/UNNAMED Suspicious: Email-Worm.Win32.Bagle.mail skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash.sbd\Church.sbd\Nomination committee.sbd\2004/[From Mjnchls9@aol.com][Date Mon, 7 Jun 2004 20:09:41 EDT]/UNNAMED Suspicious: Email-Worm.Win32.Bagle.mail skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\mail.lanset.com\Trash.sbd\Church.sbd\Nomination committee.sbd\2004 Mail Berkeley mbox: suspicious - 4 skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\pop.surewest.net\Church.sbd\Nomination committee.sbd\2004/[From Mjnchls9@aol.com][Date Mon, 7 Jun 2004 20:09:41 EDT]/UNNAMED/[From "Corona. Jose (MSA)" ][Date Mon, 21 Jun 2004 20:37:20 -0700]/UNNAMED/[From "DennisJGottier Gottier" ][Date Tue, 22 Jun 2004 07:18:27 -0700]/html/[From "Brucelofgren" ][Date Thu, 29 Jul 2004 19:22:49 -0800]/html Suspicious: Email-Worm.Win32.Bagle.mail skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\pop.surewest.net\Church.sbd\Nomination committee.sbd\2004/[From Mjnchls9@aol.com][Date Mon, 7 Jun 2004 20:09:41 EDT]/UNNAMED/[From "Corona. Jose (MSA)" ][Date Mon, 21 Jun 2004 20:37:20 -0700]/UNNAMED/[From "DennisJGottier Gottier" ][Date Tue, 22 Jun 2004 07:18:27 -0700]/html Suspicious: Email-Worm.Win32.Bagle.mail skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\pop.surewest.net\Church.sbd\Nomination committee.sbd\2004/[From Mjnchls9@aol.com][Date Mon, 7 Jun 2004 20:09:41 EDT]/UNNAMED/[From "Corona. Jose (MSA)" ][Date Mon, 21 Jun 2004 20:37:20 -0700]/UNNAMED Suspicious: Email-Worm.Win32.Bagle.mail skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\pop.surewest.net\Church.sbd\Nomination committee.sbd\2004/[From Mjnchls9@aol.com][Date Mon, 7 Jun 2004 20:09:41 EDT]/UNNAMED Suspicious: Email-Worm.Win32.Bagle.mail skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\josec\gvchmvkb.slt\Mail\pop.surewest.net\Church.sbd\Nomination committee.sbd\2004 Mail Berkeley mbox: suspicious - 4 skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jer ... /[From "Jon Crump /(DGWEB TECHNICAL SUPPORT/)" ][Date Fri, 16 Aug 2002 15:04:51 -0700]/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[Fro ... /[From Sylvia ][Date Thu, 15 Aug 2002 14:05:36 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[From Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini ... /[From marthayourd ][Date Tue, 20 Aug 2002 22:59:45 -0400 (EDT ... /html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini ... /[From marthayourd ][Date Tue, 20 Aug 2002 22:59:45 -0400 (EDT)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Tue, 20 Aug 2002 13:45:38 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Mon, 19 Aug 2002 17:02:26 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Mon, 19 Aug 2002 15:09:21 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Mon, 19 Aug 2002 08:42:17 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream. ... /[From nicpipkin ][Date Mon, 26 Aug 2002 06:04:44 -050 ... /html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbell ... /[From computersolutions ][Date Mon, 26 Aug 2002 19:08:05 -0500]/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Mor ... /[From letmepamperu@juno.com][Date Wed, 4 Sep 2002 21:57:10 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morrison" ][Date Wed, 4 Sep 2002 22:10:46 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morrison" ][Date Wed, 4 Sep 2002 14:31:30 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morr ... /[From letmepamperu@juno.com][Date Wed, 4 Sep 2002 11:57:26 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morrison" ][Date Fri, 30 Aug 2002 21:09:53 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From " ... /[From "Elena Barron" ][Date Mon, 26 Aug 2002 18:42:30 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Sheri Atkinson" ][Date Mon, 26 Aug 2002 09:25:42 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream. ... /[From nicpipkin ][Date Mon, 26 Aug 2002 06:04:44 -0500]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Fri, 23 Aug 2002 14:59:30 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Fri, 23 Aug 2002 14:00:09 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Fri, 23 Aug 2002 13:40:31 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Thu, 22 Aug 2002 13:59:00 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Thu, 22 Aug 2002 13:43:13 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Thu, 22 Aug 2002 08:29:53 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 21 Aug 2002 21:45:21 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jer ... /[From "Jon Crump /(DGWEB TECHNICAL SUPPORT/)" ][Date Sun, 18 Aug 2002 12:57:14 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[From ][Date Wed, 14 Aug 2002 12:32:12 -0400]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[From Jerry Jozwiak ][Date Tue, 13 Aug 2002 19:28:52 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[From "Tappan/Morrison" ][Date Mon, 12 Aug 2002 22:26:40 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Sun, 11 Aug 2002 22:42:42 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Sun, 11 Aug 2002 14:11:20 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Sun, 11 Aug 2002 13:15:54 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Wed, 07 Aug 2002 15:18:31 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 ... /[From "Diane Kradel ][Date Mon, 13 Jan 2003 15:36:13 --0800]/Movie_0074.mpeg.pi Infected: Email-Worm.Win32.Sobig.a skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 ... /[From "Diane Kradel Infected: Email-Worm.Win32.Sobig.a skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 ... /[From "Diane Kradel " ][Date Mon, 13 Jan 2003 16:50:29 -0000]/text Infected: Email-Worm.Win32.Sobig.a skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 -0800 (Pacific Standard Time)]/UNNAMED Infected: Email-Worm.Win32.Sobig.a skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text Infected: Email-Worm.Win32.Sobig.a skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text Infected: Email-Worm.Win32.Sobig.a skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text Infected: Email-Worm.Win32.Sobig.a skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" ][Date Tue, 2 Mar 2004 18:38:36 -0800]/text Infected: Email-Worm.Win32.NetSky.c skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" ][Date Tue, 2 Mar 2004 14:47:14 -0600 (CST)]/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson ... /[From TWTMHighSchool Moderator ][Date 4 May 2004 02:39:06 -0000]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Mon, 3 May 2004 14:15:16 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Sun, 2 May 2004 17:54:16 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Fri, 30 Apr 2004 13:05:47 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Tue, 27 Apr 2004 13:06:34 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Thu, 5 Feb 2004 08:36:27 -0800]/text Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text Infected: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Application Data\Mozilla\Profiles\socrown\4ggh2yie.slt\Mail\mail.lanset.com\Inbox Mail Berkeley mbox: infected - 21, suspicious - 44 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\InetCntrl\applog.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\InetCntrl\AV\bsafsavi.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
josec
Regular Member
 
Posts: 17
Joined: September 5th, 2007, 4:03 pm

Unread postby Simon V. » September 14th, 2007, 3:24 pm

    Hi :)

    Empty Norton's Quarantine Files

  • Please go to this page and select your Norton product. Follow the instructions to delete your quarantine files.

    ATF Cleaner
  • Please download ATF Cleaner.

    Double-click on ATF-Cleaner.exe to start the program.
    Under the Main tab, put a check next to 'Select All'.
    Click the 'Empty Selected' button. (Note: if you select cookies, automated login at forums and sites will be disabled. If you do not want this, uncheck 'Cookies')

    If you use the Firefox browser:
    Click on Firefox at the top and put a check next to 'Select All'.
    If you would like to keep your saved passwords, click No at the prompt.
    Click the 'Empty Selected' button. (Note: if you select cookies, automated login at forums and sites will be disabled. If you do not want this, uncheck 'Cookies').

    If you use the Opera browser:
    Click on Opera at the top and put a check next to 'Select All'.
    If you would like to keep your saved passwords, click No at the prompt.
    Click the 'Empty Selected' button. (Note: if you select cookies, automated login at forums and sites will be disabled. If you do not want this, uncheck 'Cookies')

    AVG Anti-Spyware
  • Please download and install AVG Anti-Spyware.

    After the installation, open AVG Anti-Spyware and do the following:
    • Under 'Status', click on Change state, next to 'Resident shield' (this will change from Active to Inactive)
    • Under the 'Update' tab, click on 'Start update'.
    • Under 'Scanner', click on the 'Settings' tab:
      • Under 'How to act?', click on 'Recommended actions', and select Quarantine.
      • Under 'Reports', select 'Do not automatically generate reports'.
    Close AVG Anti-Spyware. Do not let it scan yet.

    Safe Mode
  • Print these instructions or copy them to Notepad and save it to your desktop, as you won't be able to access internet in Safe Mode.
  • Please reboot into Safe Mode. To do this, go to Start>Turn off Computer, and select Restart. Rapidly tap F8 just before Windows starts to load. In the menu that appears, select Safe Mode (Without Networking)

    AVG Anti-Spyware
  • Please open AVG Anti-Spyware.
    • Click on the 'Scan' tab.
    • Click on 'Complete System Scan' to start the scan process.
    • After the scan, do the following:
        Important: Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
      • Make sure that Set all elements to: shows Quarantine (1), if not, click on the link and select 'Quarantine' from the popup menu. (2)
      • At the bottom of the window click on the Apply all Actions button. (3)
      • When done, click the 'Save Report' (4) button, and save the file to your desktop.
    Image.
  • Reboot into Normal Mode.
  • Please check if your CD drive can read data. Post back to me with the AVG Anti-Spyware report, and tell me how everything (especially your CD drive) is working.
User avatar
Simon V.
MRU Emeritus
MRU Emeritus
 
Posts: 3388
Joined: November 11th, 2006, 3:35 pm
Location: Antwerp, Belgium

Unread postby josec » September 15th, 2007, 3:07 am

Hi Simon V. Thanks for the help.

My CD drive does not work. I also noticed my second hard drive is not working so it was not scanned (it is drive E). My CD drive and second hard drive are attached to my secondary IDE ribbon cable. I checked the device manager and found a "!" in front of the second IDE channel.

This is what I found under device status:

"Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Click Troubleshoot to start the troubleshooter for this device."

This is what I have in Driver File Details:

No check mark C:\WINDOWS\System32\drivers\$syscor.sys
Provider: First 4 Internet Not digital signed

green check mark C:\WINDOWS\System32\DRIVERS\atapi.sys
Provider: Microsoft Corporation Digital Signer: Microsoft Windows Publisher

green check mark C:\WINDOWS\System32\storprop.dll
Provider: Microsoft Corporation Digital Signer: Microsoft Windows Publisher

I have all the drivers for the computer on a CD but can't reinstall them because of the non functional second IDE channel.

The computer is running much better. When I launch an application it start in seconds instead of minutes (Thank You).

I hope this information is useful to you.

Here is the AVG Anti-Spyware report:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:53:35 PM 9/14/2007

+ Scan result:



C:\Program Files\TrueSwitch -> Adware.RogueSuspect : Cleaned with backup (quarantined).
C:\Program Files\TrueSwitch\TrueSwitch.log -> Adware.RogueSuspect : Cleaned with backup (quarantined).
C:\Program Files\TrueSwitch\jobs.xml -> Adware.RogueSuspect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Esaya\TrueAssistant -> Adware.RogueSuspect : Cleaned with backup (quarantined).
HKU\S-1-5-21-966960242-178758578-1211457525-1007\Software\Esaya\TrueAssistant -> Adware.RogueSuspect : Cleaned with backup (quarantined).
HKU\S-1-5-21-966960242-178758578-1211457525-1007\Software\Esaya\TrueAssistant\Info -> Adware.RogueSuspect : Cleaned with backup (quarantined).
C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll -> Adware.Viewpoint : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.11:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.132:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.13:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.14:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.154:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.15:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.17:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.18:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.19:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.20:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.21:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.8:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.9:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.32:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.219:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.62:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.74:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.194:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.195:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.196:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.197:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.198:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.199:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.200:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.67:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.97:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.98:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.215:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.216:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.217:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.8:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.202:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.235:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.45:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.46:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.47:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.152:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.153:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.169:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.170:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.171:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.172:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.173:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.174:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.175:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.45:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.46:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.47:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.48:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.85:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.176:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.177:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.178:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.179:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.180:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.54:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.55:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.56:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.57:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.58:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.59:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.186:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.187:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.38:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.39:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.40:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.41:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.42:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.191:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.192:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.193:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.195:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.211:C:\Documents and Settings\Jose\Application Data\Mozilla\Profiles\Janelle\b3nzzye9.slt\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.79:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.80:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.81:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.82:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.83:C:\Documents and Settings\Jose\Application Data\Mozilla\Firefox\Profiles\foixmb8a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.


::Report end



I hope this information is helpful.
josec
Regular Member
 
Posts: 17
Joined: September 5th, 2007, 4:03 pm

Unread postby Simon V. » September 15th, 2007, 7:11 am

    Hi :)

    The information you gave is very helpful, thank you. You’re doing very well, we’re almost done :) We will try to fix your CD drive now.

    Download and Run Registry Search

    1. Launch Notepad, and copy/paste the contents of the quote box below into a new Notepad file. Save it with file name options.txt and save as file type: All files to your desktop.

    RegSearch Options File

    [Search]

    $sys$
    Cor.sys

    [Exclude]

    [Options]
    Filter=KVDLUI


    2. Download Registry Search to your desktop.
    • Right click on the compressed RegSearch folder, and choose "Extract All". In the box that pops open, click "Next", then "Next" again, and then "Finish". You now have another RegSearch folder on your desktop.
    • Open the new folder, and double click on regsearch.exe
    • Click "Import" in the lower left corner and browse to the options.txt file that you just saved on your desktop. Do not choose the one in the RegSearch folder itself.
    • Click OK and Registry Search will scan your registry for the file(s), and a Notepad box will open with a report.
    • Please save the report on your desktop, and post it back here.
User avatar
Simon V.
MRU Emeritus
MRU Emeritus
 
Posts: 3388
Joined: November 11th, 2006, 3:35 pm
Location: Antwerp, Belgium

Unread postby josec » September 15th, 2007, 2:41 pm

Hi Simon V.

Here is the report:

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.5.0

; Results at 9/15/2007 11:32:14 AM for strings:
; '$sys$'
; 'cor.sys'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SOFTWARE\$sys$reference]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE]
"C:\\WINDOWS\\system32\\$sys$filesystem\\crater.sys[MofResource]"="LowDateTime:-1385796992,HighDateTime:29720651***Binary mof compiled successfully"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CoDeviceInstallers]
; Contents of value:
; SysSetup.Dll,StorageCoInstaller
; SysSetup.Dll,CriticalDeviceCoInstaller
; $sys$caj.dll,CoInstallCdrom
;
"{4D36E965-E325-11CE-BFC1-08002BE10318}"=hex(7):53,00,79,00,73,00,53,00,65,00,\
74,00,75,00,70,00,2e,00,44,00,6c,00,6c,00,2c,00,53,00,74,00,6f,00,72,00,61,\
00,67,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,\
72,00,00,00,53,00,79,00,73,00,53,00,65,00,74,00,75,00,70,00,2e,00,44,00,6c,\
00,6c,00,2c,00,43,00,72,00,69,00,74,00,69,00,63,00,61,00,6c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,65,00,72,00,00,00,24,00,73,00,79,00,73,00,24,00,63,00,61,00,6a,00,2e,00,\
64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,43,00,64,00,72,00,6f,00,6d,00,00,00,00,00
; Contents of value:
; $sys$caj.dll,CoInstallPC
;
"{FF646F80-8DEF-11D2-9449-00105A075F6B}"=hex(7):24,00,73,00,79,00,73,00,24,00,\
63,00,61,00,6a,00,2e,00,64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,\
00,74,00,61,00,6c,00,6c,00,50,00,43,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0]
; Contents of value:
; $sys$crater
; cdrbsvsd
;
"LowerFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,72,00,61,00,74,00,65,\
00,72,00,00,00,63,00,64,00,72,00,62,00,73,00,76,00,73,00,64,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1]
; Contents of value:
; $sys$cor
;
"UpperFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,6f,00,72,00,00,00,00,\
00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$LIM]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$LIM\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$LIM\0000]
"Service"="$sys$lim"
"DeviceDesc"="$sys$lim"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$LIM\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$OCT]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$OCT\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$OCT\0000]
"Service"="$sys$oct"
"DeviceDesc"="$sys$oct"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$OCT\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\CoDeviceInstallers]
; Contents of value:
; SysSetup.Dll,StorageCoInstaller
; SysSetup.Dll,CriticalDeviceCoInstaller
; $sys$caj.dll,CoInstallCdrom
;
"{4D36E965-E325-11CE-BFC1-08002BE10318}"=hex(7):53,00,79,00,73,00,53,00,65,00,\
74,00,75,00,70,00,2e,00,44,00,6c,00,6c,00,2c,00,53,00,74,00,6f,00,72,00,61,\
00,67,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,\
72,00,00,00,53,00,79,00,73,00,53,00,65,00,74,00,75,00,70,00,2e,00,44,00,6c,\
00,6c,00,2c,00,43,00,72,00,69,00,74,00,69,00,63,00,61,00,6c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,65,00,72,00,00,00,24,00,73,00,79,00,73,00,24,00,63,00,61,00,6a,00,2e,00,\
64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,43,00,64,00,72,00,6f,00,6d,00,00,00,00,00
; Contents of value:
; $sys$caj.dll,CoInstallPC
;
"{FF646F80-8DEF-11D2-9449-00105A075F6B}"=hex(7):24,00,73,00,79,00,73,00,24,00,\
63,00,61,00,6a,00,2e,00,64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,\
00,74,00,61,00,6c,00,6c,00,50,00,43,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0]
; Contents of value:
; $sys$crater
; cdrbsvsd
;
"LowerFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,72,00,61,00,74,00,65,\
00,72,00,00,00,63,00,64,00,72,00,62,00,73,00,76,00,73,00,64,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1]
; Contents of value:
; $sys$cor
;
"UpperFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,6f,00,72,00,00,00,00,\
00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$LIM]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$LIM\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$LIM\0000]
"Service"="$sys$lim"
"DeviceDesc"="$sys$lim"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$LIM\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$OCT]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$OCT\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$OCT\0000]
"Service"="$sys$oct"
"DeviceDesc"="$sys$oct"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$OCT\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CoDeviceInstallers]
; Contents of value:
; SysSetup.Dll,StorageCoInstaller
; SysSetup.Dll,CriticalDeviceCoInstaller
; $sys$caj.dll,CoInstallCdrom
;
"{4D36E965-E325-11CE-BFC1-08002BE10318}"=hex(7):53,00,79,00,73,00,53,00,65,00,\
74,00,75,00,70,00,2e,00,44,00,6c,00,6c,00,2c,00,53,00,74,00,6f,00,72,00,61,\
00,67,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,\
72,00,00,00,53,00,79,00,73,00,53,00,65,00,74,00,75,00,70,00,2e,00,44,00,6c,\
00,6c,00,2c,00,43,00,72,00,69,00,74,00,69,00,63,00,61,00,6c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,65,00,72,00,00,00,24,00,73,00,79,00,73,00,24,00,63,00,61,00,6a,00,2e,00,\
64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,43,00,64,00,72,00,6f,00,6d,00,00,00,00,00
; Contents of value:
; $sys$caj.dll,CoInstallPC
;
"{FF646F80-8DEF-11D2-9449-00105A075F6B}"=hex(7):24,00,73,00,79,00,73,00,24,00,\
63,00,61,00,6a,00,2e,00,64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,\
00,74,00,61,00,6c,00,6c,00,50,00,43,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0]
; Contents of value:
; $sys$crater
; cdrbsvsd
;
"LowerFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,72,00,61,00,74,00,65,\
00,72,00,00,00,63,00,64,00,72,00,62,00,73,00,76,00,73,00,64,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1]
; Contents of value:
; $sys$cor
;
"UpperFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,6f,00,72,00,00,00,00,\
00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$LIM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$LIM\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$LIM\0000]
"Service"="$sys$lim"
"DeviceDesc"="$sys$lim"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$LIM\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$OCT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$OCT\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$OCT\0000]
"Service"="$sys$oct"
"DeviceDesc"="$sys$oct"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$OCT\0000\LogConf]

; End Of The Log...
josec
Regular Member
 
Posts: 17
Joined: September 5th, 2007, 4:03 pm

Unread postby Simon V. » September 16th, 2007, 7:45 am

    Hi :)

    Combofix

  • Open Notepad, and copy/paste the text in the quotebox below into it:

    Code: Select all
    Registry::
    
    [-HKEY_LOCAL_MACHINE\SOFTWARE\$sys$reference] 
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE] 
    "C:\\WINDOWS\\system32\\$sys$filesystem\\crater.sys[MofResource]"=- 
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$LIM] 
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$OCT] 
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$LIM] 
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$OCT] 
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$LIM] 
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$OCT] 
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1] 
    "UpperFilters"=- 
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1] 
    "UpperFilters"=- 
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1] 
    "UpperFilters"=- 
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0] 
    "LowerFilters"=- 
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0] 
    "LowerFilters"=- 
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0] 
    "LowerFilters"=-
  • Save this as "CFScript".

    Image
  • Referring to the picture above, drag CFScript into ComboFix.exe.
  • It will create a log. Post it back here, and tell me if your CD drive is working.
User avatar
Simon V.
MRU Emeritus
MRU Emeritus
 
Posts: 3388
Joined: November 11th, 2006, 3:35 pm
Location: Antwerp, Belgium

Unread postby josec » September 16th, 2007, 1:09 pm

Hi Simon V.

Thank you for not giving up on this.

The CD drive still doesn't work. Driver File Details are still the same.


This is what I have in Driver File Details:

No check mark C:\WINDOWS\System32\drivers\$syscor.sys
Provider: First 4 Internet Not digital signed

green check mark C:\WINDOWS\System32\DRIVERS\atapi.sys
Provider: Microsoft Corporation Digital Signer: Microsoft Windows Publisher

green check mark C:\WINDOWS\System32\storprop.dll
Provider: Microsoft Corporation Digital Signer: Microsoft Windows Publisher


Here the the Log:

ComboFix 07-09-10.6 - "Jose" 2007-09-16 9:31:08.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.48 [GMT -7:00]
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-08-16 to 2007-09-16 )))))))))))))))))))))))))))))))
.

2007-09-14 19:29 <DIR> d-------- C:\Program Files\TrueSwitch
2007-09-14 17:27 10,872 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2007-09-12 20:26 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-12 00:37 <DIR> d-------- C:\DOCUME~1\Jose\APPLIC~1\TrojanHunter
2007-09-09 19:01 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
2007-09-09 19:00 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2007-09-05 17:38 <DIR> d-------- C:\Program Files\TrojanHunter 4.7
2007-09-04 22:44 <DIR> d-------- C:\Program Files\Trend Micro
2007-08-31 14:43 12,160 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mouhid.sys
2007-08-31 14:43 12,160 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\mouhid.sys
2007-08-30 19:28 <DIR> d-------- C:\DOCUME~1\Jose\APPLIC~1\TrueSwitch
2007-08-30 19:27 <DIR> d-------- C:\Program Files\TrueSwitchComcast
2007-08-30 18:51 <DIR> d-------- C:\WINDOWS\SYSTEM32\LogFiles
2007-08-29 17:36 20,992 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.sys
2007-08-29 17:36 20,992 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\rtl8139.sys
2007-08-25 20:41 <DIR> d-------- C:\Program Files\support.com
2007-08-25 20:37 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
2007-08-22 17:56 <DIR> d-------- C:\WINDOWS\pss
2007-08-22 17:26 22,112 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\COH_Mon.sys
2007-08-21 21:21 28,672 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\CO_Mon.sys
2007-08-20 10:13 <DIR> d-------- C:\Program Files\Teaching Textbooks
2007-08-20 10:12 <DIR> d--hs---- C:\WINDOWS\ftpcache
2007-08-18 21:29 1,088 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\pxfsf.dat
2007-08-18 13:20 77,312 --a------ C:\WINDOWS\ua2.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-11 16:57 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-09-09 18:36 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
2007-08-30 22:06 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-24 14:26 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-21 23:48 806 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-08-21 23:48 8014 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-08-21 23:48 115000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-08-21 23:48 --------- d-------- C:\Program Files\Symantec
2007-08-09 20:25 --------- d-------- C:\Program Files\Handspring
2007-08-01 22:57 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
2007-07-31 14:38 --------- d-------- C:\DOCUME~1\Jose\APPLIC~1\Wal-Mart Digital Photo Manager
2007-07-31 14:37 --------- d-------- C:\Program Files\Wal-Mart
2007-07-30 15:53 --------- d-------- C:\DOCUME~1\Jose\APPLIC~1\OverDrive
.

((((((((((((((((((((((((((((( snapshot_2007-09-12_211826.34 )))))))))))))))))))))))))))))))))))))))))
.
----a-r 25,214 2007-09-16 06:07:46 C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A70000000000}\SC_Reader.exe
----a-w 277,149 2007-09-14 17:09:38 C:\WINDOWS\SYSTEM32\InetCntrl\AV\avvclean.dat
----a-w 8,767,413 2007-09-14 17:09:37 C:\WINDOWS\SYSTEM32\InetCntrl\AV\avvnames.dat
----a-w 222,645 2007-09-14 17:09:37 C:\WINDOWS\SYSTEM32\InetCntrl\AV\avvscan.dat
----a-w 66,772 2007-09-16 16:17:05 C:\WINDOWS\SYSTEM32\InetCntrl\Data\userpolicy.bin
.
----a-r 25,214 2006-06-17 19:11:20 C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A70000000000}\SC_Reader.exe
----a-w 276,549 2007-09-13 03:09:42 C:\WINDOWS\SYSTEM32\InetCntrl\AV\avvclean.dat
----a-w 8,707,565 2007-09-13 03:09:39 C:\WINDOWS\SYSTEM32\InetCntrl\AV\avvnames.dat
----a-w 222,597 2007-09-13 03:09:40 C:\WINDOWS\SYSTEM32\InetCntrl\AV\avvscan.dat
----a-w 68,886 2007-09-13 04:18:42 C:\WINDOWS\SYSTEM32\InetCntrl\Data\userpolicy.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-19 08:59]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-19 08:59]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2003-08-26 17:47]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe" [2003-03-08 21:30]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-09-03 00:04]
"AcctMgr"="C:\Program Files\Norton Password Manager\AcctMgr.exe" [2004-08-18 14:41]
"InetCntrl"="C:\WINDOWS\system32\InetCntrl\InetCntrl.exe" [2007-01-29 11:10]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 18:12]
"Mouse Suite 98 Daemon"="ICO.EXE" [2003-11-20 14:08 C:\WINDOWS\SYSTEM32\ico.exe]
"THGuard"="C:\Program Files\TrojanHunter 4.7\THGuard.exe" [2007-08-11 20:49]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 02:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]

C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2007-01-08 17:55:46]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
CreataCard Plus 3 Forget Me Not Reminders Tray Icon.lnk - C:\Program Files\CreataCard\Plus\FMRemind.exe [2005-02-27 14:59:15]
DESKTOP.INI [2002-09-03 07:00:00]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 01:06:58]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 08:05:56]
officejet 6100.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe [2003-04-06 00:37:38]

C:\DOCUME~1\ADMINI~1\STARTM~1\Programs\Startup\
DESKTOP.INI [2002-09-03 07:00:00]

C:\DOCUME~1\Jose\STARTM~1\Programs\Startup\
Alarm Manager.LNK - C:\Program Files\Handspring\AlarmApp.exe [2004-06-05 11:30:24]
DESKTOP.INI [2002-09-03 07:00:00]
HotSync Manager.lnk - C:\Program Files\Handspring\HOTSYNC.EXE [2004-06-05 11:30:25]
TrueAssistant.lnk - C:\Program Files\TrueSwitchComcast\TrueWizard.exe [2007-08-23 07:44:38]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

R0 IFP700;iriver Internet Audio Player IFP-700;C:\WINDOWS\system32\drivers\ifp700.sys
R1 cdrbsvsd;cdrbsvsd;C:\WINDOWS\system32\drivers\cdrbsvsd.sys
R2 BCMNTIO;BCMNTIO;\??\C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys
R2 MAPMEM;MAPMEM;\??\C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys
R3 NPDriver;Norton Unerase Protection Driver;\??\C:\WINDOWS\system32\Drivers\NPDRIVER.SYS
R3 pelmouse;Mouse Suite Driver;C:\WINDOWS\system32\DRIVERS\pelmouse.sys
R3 pelusblf;USB Mouse Low Filter Driver;C:\WINDOWS\system32\DRIVERS\pelusblf.sys
S3 SDdriver;SDdriver;\??\C:\WINDOWS\system32\Drivers\sddriver.sys
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- D:\LaunchU3.exe -a

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2007-09-14 23:22:07 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2004-10-02 20:36:34 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp officejet 6100 series#1096749329.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe
"2004-04-28 05:38:08 C:\WINDOWS\Tasks\ISP signup reminder 1.job"
- C:\WINDOWS\System32\OOBE\OOBEBALN.EXE
"2007-09-15 03:00:00 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Jose.job"
- E:\NORTON~1\NORTON~1\Navw32.exe
"2007-09-10 19:00:00 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job"
"2007-09-15 07:00:17 C:\WINDOWS\Tasks\Symantec Drmc.job"
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-16 09:35:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-09-16 9:38:39
C:\ComboFix-quarantined-files.txt ... 2007-09-16 09:38
C:\ComboFix2.txt ... 2007-09-12 21:20
.
--- E O F ---
josec
Regular Member
 
Posts: 17
Joined: September 5th, 2007, 4:03 pm

Unread postby Simon V. » September 16th, 2007, 3:33 pm

josec wrote:Thank you for not giving up on this.


I will not give up on this. It's a little complicated with the CD drive, but we'll sort it out :) I'm currently researching a fix for you, and will be able to post back to you tomorrow. In the meantime: did you reboot after running the CFScript? If not, please do so and see if anything has changed.
User avatar
Simon V.
MRU Emeritus
MRU Emeritus
 
Posts: 3388
Joined: November 11th, 2006, 3:35 pm
Location: Antwerp, Belgium

Unread postby josec » September 16th, 2007, 4:56 pm

Hi Simon V.

Yes I did reboot my computer and the Windows XP doesn't recognize the CD drive. I believe the extra this line:

No check mark C:\WINDOWS\System32\drivers\$syscor.sys
Provider: First 4 Internet Not digital signed

in the second IDE Driver is causing the problem. That is only a guess.

Thanks.
josec
Regular Member
 
Posts: 17
Joined: September 5th, 2007, 4:03 pm

Unread postby Simon V. » September 17th, 2007, 10:36 am

    Hi :)

    It is indeed that line we are trying to remove. To determine the status of the computer, I would like you to run the previous regsearch again. It are the same instructions as last time:

    Run Registry Search

    1. Launch Notepad, and copy/paste the contents of the quote box below into a new Notepad file. Save it with file name options.txt and save as file type: All files to your desktop.

    RegSearch Options File

    [Search]

    $sys$
    Cor.sys

    [Exclude]

    [Options]
    Filter=KVDLUI


    2. Double-click on regsearch.exe.
  • Click "Import" in the lower left corner and browse to the options.txt file that you just saved on your desktop. Do not choose the one in the RegSearch folder itself.
  • Click OK and Registry Search will scan your registry for the file(s), and a Notepad box will open with a report.
  • Please save the report on your desktop, and post it back here.
User avatar
Simon V.
MRU Emeritus
MRU Emeritus
 
Posts: 3388
Joined: November 11th, 2006, 3:35 pm
Location: Antwerp, Belgium

Unread postby josec » September 17th, 2007, 12:40 pm

Hi, Simon V.

Here is the report from the registry search:

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.5.0

; Results at 9/17/2007 9:34:35 AM for strings:
; '$sys$'
; 'cor.sys'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CoDeviceInstallers]
; Contents of value:
; SysSetup.Dll,StorageCoInstaller
; SysSetup.Dll,CriticalDeviceCoInstaller
; $sys$caj.dll,CoInstallCdrom
;
"{4D36E965-E325-11CE-BFC1-08002BE10318}"=hex(7):53,00,79,00,73,00,53,00,65,00,\
74,00,75,00,70,00,2e,00,44,00,6c,00,6c,00,2c,00,53,00,74,00,6f,00,72,00,61,\
00,67,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,\
72,00,00,00,53,00,79,00,73,00,53,00,65,00,74,00,75,00,70,00,2e,00,44,00,6c,\
00,6c,00,2c,00,43,00,72,00,69,00,74,00,69,00,63,00,61,00,6c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,65,00,72,00,00,00,24,00,73,00,79,00,73,00,24,00,63,00,61,00,6a,00,2e,00,\
64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,43,00,64,00,72,00,6f,00,6d,00,00,00,00,00
; Contents of value:
; $sys$caj.dll,CoInstallPC
;
"{FF646F80-8DEF-11D2-9449-00105A075F6B}"=hex(7):24,00,73,00,79,00,73,00,24,00,\
63,00,61,00,6a,00,2e,00,64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,\
00,74,00,61,00,6c,00,6c,00,50,00,43,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0]
; Contents of value:
; $sys$crater
; cdrbsvsd
;
"LowerFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,72,00,61,00,74,00,65,\
00,72,00,00,00,63,00,64,00,72,00,62,00,73,00,76,00,73,00,64,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1]
; Contents of value:
; $sys$cor
;
"UpperFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,6f,00,72,00,00,00,00,\
00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$LIM]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$LIM\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$LIM\0000]
"Service"="$sys$lim"
"DeviceDesc"="$sys$lim"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$LIM\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$OCT]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$OCT\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$OCT\0000]
"Service"="$sys$oct"
"DeviceDesc"="$sys$oct"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_$SYS$OCT\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\CoDeviceInstallers]
; Contents of value:
; SysSetup.Dll,StorageCoInstaller
; SysSetup.Dll,CriticalDeviceCoInstaller
; $sys$caj.dll,CoInstallCdrom
;
"{4D36E965-E325-11CE-BFC1-08002BE10318}"=hex(7):53,00,79,00,73,00,53,00,65,00,\
74,00,75,00,70,00,2e,00,44,00,6c,00,6c,00,2c,00,53,00,74,00,6f,00,72,00,61,\
00,67,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,\
72,00,00,00,53,00,79,00,73,00,53,00,65,00,74,00,75,00,70,00,2e,00,44,00,6c,\
00,6c,00,2c,00,43,00,72,00,69,00,74,00,69,00,63,00,61,00,6c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,65,00,72,00,00,00,24,00,73,00,79,00,73,00,24,00,63,00,61,00,6a,00,2e,00,\
64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,43,00,64,00,72,00,6f,00,6d,00,00,00,00,00
; Contents of value:
; $sys$caj.dll,CoInstallPC
;
"{FF646F80-8DEF-11D2-9449-00105A075F6B}"=hex(7):24,00,73,00,79,00,73,00,24,00,\
63,00,61,00,6a,00,2e,00,64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,\
00,74,00,61,00,6c,00,6c,00,50,00,43,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0]
; Contents of value:
; $sys$crater
; cdrbsvsd
;
"LowerFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,72,00,61,00,74,00,65,\
00,72,00,00,00,63,00,64,00,72,00,62,00,73,00,76,00,73,00,64,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1]
; Contents of value:
; $sys$cor
;
"UpperFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,6f,00,72,00,00,00,00,\
00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$LIM]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$LIM\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$LIM\0000]
"Service"="$sys$lim"
"DeviceDesc"="$sys$lim"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$LIM\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$OCT]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$OCT\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$OCT\0000]
"Service"="$sys$oct"
"DeviceDesc"="$sys$oct"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_$SYS$OCT\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CoDeviceInstallers]
; Contents of value:
; SysSetup.Dll,StorageCoInstaller
; SysSetup.Dll,CriticalDeviceCoInstaller
; $sys$caj.dll,CoInstallCdrom
;
"{4D36E965-E325-11CE-BFC1-08002BE10318}"=hex(7):53,00,79,00,73,00,53,00,65,00,\
74,00,75,00,70,00,2e,00,44,00,6c,00,6c,00,2c,00,53,00,74,00,6f,00,72,00,61,\
00,67,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,\
72,00,00,00,53,00,79,00,73,00,53,00,65,00,74,00,75,00,70,00,2e,00,44,00,6c,\
00,6c,00,2c,00,43,00,72,00,69,00,74,00,69,00,63,00,61,00,6c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,65,00,72,00,00,00,24,00,73,00,79,00,73,00,24,00,63,00,61,00,6a,00,2e,00,\
64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,43,00,64,00,72,00,6f,00,6d,00,00,00,00,00
; Contents of value:
; $sys$caj.dll,CoInstallPC
;
"{FF646F80-8DEF-11D2-9449-00105A075F6B}"=hex(7):24,00,73,00,79,00,73,00,24,00,\
63,00,61,00,6a,00,2e,00,64,00,6c,00,6c,00,2c,00,43,00,6f,00,49,00,6e,00,73,\
00,74,00,61,00,6c,00,6c,00,50,00,43,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0]
; Contents of value:
; $sys$crater
; cdrbsvsd
;
"LowerFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,72,00,61,00,74,00,65,\
00,72,00,00,00,63,00,64,00,72,00,62,00,73,00,76,00,73,00,64,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1]
; Contents of value:
; $sys$cor
;
"UpperFilters"=hex(7):24,00,73,00,79,00,73,00,24,00,63,00,6f,00,72,00,00,00,00,\
00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$LIM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$LIM\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$LIM\0000]
"Service"="$sys$lim"
"DeviceDesc"="$sys$lim"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$LIM\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$OCT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$OCT\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$OCT\0000]
"Service"="$sys$oct"
"DeviceDesc"="$sys$oct"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$SYS$OCT\0000\LogConf]

; End Of The Log...
josec
Regular Member
 
Posts: 17
Joined: September 5th, 2007, 4:03 pm

Unread postby Simon V. » September 17th, 2007, 4:16 pm

    Hi :)

    We’ll try another approach. This is not easy, if you have question please ask them.

    PsTools

  • Please download PsTools (by Sysinternals) to your desktop.
    • Right click on the compressed PsTools folder, and choose "Extract All". In the box that pops open, click "Next", then "Next" again, and then "Finish". You now have another PsTools folder on your desktop.
    • Open the PsTools folder, and right-click on PsExec.exe. Select Cut, then navigate to C:\Windows\System32\, right-click anywhere, and select Paste. PsExec.exe should now be in your System32 folder.
    • Go to Start > Run, type cmd in the box, and hit Enter.
    • Type psexec –s –i –d regedit.exe, and hit Enter.
    • The Windows Registry Editor will open (Note: everything I ask you to delete is located in the window at the right of the Registry Editor). Navigate to this key: [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0]. Once there, right-click on LowerFilters and select Delete.
    • Navigate to this key: [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1]. Once there, right-click on UpperFilters and select Delete.
    • Navigate to this key: [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0]. Once there, right-click on LowerFilters and select Delete.
    • Navigate to this key: [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1]. Once there, right-click on UpperFilters and select Delete.
    • Navigate to this key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\IDE\CdRomHL-DT-ST_CD-ROM_GCR-8483B_______________1.05____\5&2641f507&0&0.0.0]. Once there, right-click on LowerFilters and select Delete.
    • Navigate to this key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCIIDE\IDEChannel\4&5551bdd&0&1]. Once there, right-click on UpperFilters and select Delete.
  • Reboot your computer. Check if your CD drive works and post back to me.
User avatar
Simon V.
MRU Emeritus
MRU Emeritus
 
Posts: 3388
Joined: November 11th, 2006, 3:35 pm
Location: Antwerp, Belgium

Unread postby josec » September 18th, 2007, 9:10 am

Hi Simon v.

I followed your instructions and my CD and second hard drive are operational again...............Thank YOU!
josec
Regular Member
 
Posts: 17
Joined: September 5th, 2007, 4:03 pm

Unread postby josec » September 18th, 2007, 9:17 am

I also ran Kaspersky on line scanner.

Here is the log:

KASPERSKY ONLINE SCANNER REPORT
Tuesday, September 18, 2007 5:55:37 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 18/09/2007
Kaspersky Anti-Virus database records: 420092
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
H:\
Scan Statistics
Total number of scanned objects 148154
Number of viruses found 4
Number of infected objects 33
Number of suspicious objects 58
Duration of the scan process 03:53:15

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip/v1.8.1/wbuninst.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-09-17_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Log.LiveUpdate Object is locked skipped
C:\Documents and Settings\Jose\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped
C:\Documents and Settings\Jose\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log Object is locked skipped
C:\Documents and Settings\Jose\Application Data\GTek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAgnt.log Object is locked skipped
C:\Documents and Settings\Jose\Application Data\GTek\GTUpdate\AUpdate\DellSupport\glog.log Object is locked skipped
C:\Documents and Settings\Jose\Application Data\Microsoft\Internet Explorer\UserData\index.dat Object is locked skipped
C:\Documents and Settings\Jose\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\History\History.IE5\MSHist012007091720070918\index.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Temp\Perflib_Perfdata_960.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Temp\~DFF7C6.tmp Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Jose\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jose\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Jose\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsys.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\InetCntrl\applog.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\InetCntrl\AV\bsafsavi.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd17.com\Trash/[From taisha15 ][Date Date header was inserted by SMTP.Prodigy.Net.mx]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd17.com\Trash/[From taisha15 ][Date Date header was inserted by SMTP.Prodigy.Net.mx]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd17.com\Trash Mail Berkeley mbox: suspicious - 2 skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jer ... /[From "Jon Crump /(DGWEB TECHNICAL SUPPORT/)" ][Date Fri, 16 Aug 2002 15:04:51 -0700]/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[Fro ... /[From Sylvia ][Date Thu, 15 Aug 2002 14:05:36 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[From Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini ... /[From marthayourd ][Date Tue, 20 Aug 2002 22:59:45 -0400 (EDT ... /html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini ... /[From marthayourd ][Date Tue, 20 Aug 2002 22:59:45 -0400 (EDT)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Tue, 20 Aug 2002 13:45:38 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Mon, 19 Aug 2002 17:02:26 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Mon, 19 Aug 2002 15:09:21 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Mon, 19 Aug 2002 08:42:17 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream. ... /[From nicpipkin ][Date Mon, 26 Aug 2002 06:04:44 -050 ... /html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbell ... /[From computersolutions ][Date Mon, 26 Aug 2002 19:08:05 -0500]/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Mor ... /[From letmepamperu@juno.com][Date Wed, 4 Sep 2002 21:57:10 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morrison" ][Date Wed, 4 Sep 2002 22:10:46 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morrison" ][Date Wed, 4 Sep 2002 14:31:30 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morr ... /[From letmepamperu@juno.com][Date Wed, 4 Sep 2002 11:57:26 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Tappan/Morrison" ][Date Fri, 30 Aug 2002 21:09:53 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From " ... /[From "Elena Barron" ][Date Mon, 26 Aug 2002 18:42:30 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbelli ... /[From "Sheri Atkinson" ][Date Mon, 26 Aug 2002 09:25:42 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream. ... /[From nicpipkin ][Date Mon, 26 Aug 2002 06:04:44 -0500]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Fri, 23 Aug 2002 14:59:30 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Fri, 23 Aug 2002 14:00:09 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Fri, 23 Aug 2002 13:40:31 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Thu, 22 Aug 2002 13:59:00 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Thu, 22 Aug 2002 13:43:13 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Thu, 22 Aug 2002 08:29:53 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[F ... /[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 21 Aug 2002 21:45:21 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jer ... /[From "Jon Crump /(DGWEB TECHNICAL SUPPORT/)" ][Date Sun, 18 Aug 2002 12:57:14 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[From ][Date Wed, 14 Aug 2002 12:32:12 -0400]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[Fro ... /[From Jerry Jozwiak ][Date Tue, 13 Aug 2002 19:28:52 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak < ... /[From "Tappan/Morrison" ][Date Mon, 12 Aug 2002 22:26:40 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Sun, 11 Aug 2002 22:42:42 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Sun, 11 Aug 2002 14:11:20 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Sun, 11 Aug 2002 13:15:54 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED/[From Jerry Jozwiak ][Date Wed, 07 Aug 2002 15:18:31 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED/[From TCLIEB2@aol.com][Date Wed, 24 Jul 2002 12:14:42 EDT]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text/[From lbellini@starstream.net (Bellini, Mike)][Date Wed, 24 Jul 2002 08:26:35 -0700 (Pacific Daylight Time)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text/[From Jerry Jozwiak ][Date Mon, 22 Jul 2002 13:33:40 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "Ed & Patty Gillespie" ][Date Sat, 20 Jul 2002 10:25:52 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 ... /[From "Diane Kradel ][Date Mon, 13 Jan 2003 15:36:13 --0800]/Movie_0074.mpeg.pi Infected: Email-Worm.Win32.Sobig.a skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 ... /[From "Diane Kradel Infected: Email-Worm.Win32.Sobig.a skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 ... /[From "Diane Kradel " ][Date Mon, 13 Jan 2003 16:50:29 -0000]/text Infected: Email-Worm.Win32.Sobig.a skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text/[From "Leslie Bellini" ][Date Mon, 13 Jan 2003 08:51:54 -0800 (Pacific Standard Time)]/UNNAMED Infected: Email-Worm.Win32.Sobig.a skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text/[From "eric engle" ][Date Sat, 11 Jan 2003 23:41:40 -0800]/text Infected: Email-Worm.Win32.Sobig.a skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text/[From "herjeulucy " ][Date Sun, 12 Jan 2003 07:19:12 -0000]/text Infected: Email-Worm.Win32.Sobig.a skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "ellisfamjp " ][Date Sun, 12 Jan 2003 06:09:31 -0000]/text Infected: Email-Worm.Win32.Sobig.a skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" ][Date Tue, 2 Mar 2004 18:38:36 -0800]/text Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 ... /[From "Travelocity.com" ][Date Tue, 2 Mar 2004 14:47:14 -0600 (CST)]/UNNAMED Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson ... /[From TWTMHighSchool Moderator ][Date 4 May 2004 02:39:06 -0000]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Mon, 3 May 2004 14:15:16 -0700]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Sun, 2 May 2004 17:54:16 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Fri, 30 Apr 2004 13:05:47 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Tue, 27 Apr 2004 13:06:34 -0700]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED/[From "Sheri Atkinson" ][Date Thu, 5 Feb 2004 08:36:27 -0800]/text Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED/[From "Leslie Bellini" ][Date Sat, 24 Jan 2004 08:22:38 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED/[From "Leslie Bellini" ][Date Fri, 16 Jan 2004 13:39:37 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text/[From "Anne Kincaid" ][Date Sun, 7 Dec 2003 19:50:13 -0900]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox/[From "sdosaka" ][Date Fri, 19 Sep 2003 05:27:39 -0000]/text Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Inbox Mail Berkeley mbox: infected - 21, suspicious - 44 skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From carolyn.dc@juno.com][Date Tue, 2 Mar 2004 14:04:04 -0800]/talk_msg.zip/talk_msg.exe Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From carolyn.dc@juno.com][Date Tue, 2 Mar 2004 14:04:04 -0800]/talk_msg.zip Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From 166522828@snj-us-pcwp-702.kodak.com][Date Tue, 2 Mar 2004 18:17:51 -0800]/material.rtf.scr Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 2004 13:50:13 -0800]/UNNAMED/party.zip/party.doc.pif Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 2004 13:50:13 -0800]/UNNAMED/party.zip Infected: Email-Worm.Win32.NetSky.c skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr .. ... /[From christina miner ][Date Wed, 14 Apr 2004 15:18:58 -0700 (PDT)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr ... /[From Mail Delivery Subsyste ... /[From smithersd@juno.com][Date Mon, 12 Apr 2004 21:21:23 -0800]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tr ... /[From Mail Delivery Subsystem ][Date Fri, 5 Mar 2004 21:12:18 -0500 (EST)]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 20 ... /[From Sylvia ][Date Fri, 05 Mar 2004 18:21:57 -0800]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 20 ... /[From Lisa Eastman ][Date Wed, 3 Mar 2004 17:16:52 -0800]/text Suspicious: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED/[From lisa@tridc.com][Date Wed, 3 Mar 2004 13:50:13 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED/[From "John McDougall, M.D." ][Date Mon, 1 Mar 2004 21:04:22 -1000]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text/[From "Lisa Harder" ][Date Mon, 1 Mar 2004 10:05:21 -0800]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED/[From "Bruce Johannes" ][Date Fri, 19 Sep 2003 16:08:12 -0700]/text Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash/[From Kenna ][Date Thu, 18 Sep 2003 20:37:06 -0500]/UNNAMED Infected: Exploit.HTML.Iframe.FileDownload skipped
D:\RECYCLER\S-1-5-21-966960242-178758578-1211457525-1007\Dd18.com\Trash Mail Berkeley mbox: infected - 10, suspicious - 9 skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\change.log Object is locked skipped
Scan process completed.
josec
Regular Member
 
Posts: 17
Joined: September 5th, 2007, 4:03 pm
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 281 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware