PDA

View Full Version : IEEXPLORE.EXE help!


mccodd3
2007-11-18, 06:51
I am not a huge computer no it all but I followed your instructions using the Kaspersky scan online. I have this annoying IEXPLORE.exe process that i keep trying to end and it keeps popping back up using 99% of my cpu and very annoying pop ups, slowing my computer way down. I'm sure you guys have seen this a million times I just wanted to post my scan log and ask what further action I should take, thanks guys!

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, November 17, 2007 9:32:58 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 18/11/2007
Kaspersky Anti-Virus database records: 461025
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 200858
Number of viruses found: 6
Number of infected objects: 51
Number of suspicious objects: 0
Duration of the scan process: 04:21:39

Infected Object Name / Virus Name / Last Action
C:\4bee52ba43fdd18e7c4a16f7\spmsg.dll Object is locked skipped
C:\4bee52ba43fdd18e7c4a16f7\spuninst.exe Object is locked skipped
C:\4bee52ba43fdd18e7c4a16f7\update\branches.inf Object is locked skipped
C:\4bee52ba43fdd18e7c4a16f7\update\eula.txt Object is locked skipped
C:\4bee52ba43fdd18e7c4a16f7\update\KB883523.CAT Object is locked skipped
C:\4bee52ba43fdd18e7c4a16f7\update\spcustom.dll Object is locked skipped
C:\4bee52ba43fdd18e7c4a16f7\update\update.exe Object is locked skipped
C:\4bee52ba43fdd18e7c4a16f7\update\update.ver Object is locked skipped
C:\4bee52ba43fdd18e7c4a16f7\update\updatebr.inf Object is locked skipped
C:\4bee52ba43fdd18e7c4a16f7\update\update_SP2QFE.inf Object is locked skipped
C:\Documents and Settings\All Users\Application Data\file joy proc deaf\User Ace.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Retrospect Client\retroclient.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\WFUR522005\Application Data\Aim\haqctmcd\doolrpk\cert8.db Object is locked skipped
C:\Documents and Settings\WFUR522005\Application Data\Aim\haqctmcd\doolrpk\key3.db Object is locked skipped
C:\Documents and Settings\WFUR522005\Application Data\coal mags site\gwbwhfxm.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\WFUR522005\Application Data\coal mags site\roapehre.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\WFUR522005\Application Data\coal mags site\ShowPeak.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\WFUR522005\Application Data\coal mags site\soft ooze city.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\WFUR522005\Application Data\coal mags site\susifmti.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Brian" <Brian@lose-it-fast.biz>][Date Mon, 27 Sep 2004 15:49:21 -0800]/html/[From Smith Barney <identifdep_ref75899015999@smithbarney.com>][Date Tue, 28 Sep 2004 04:30:55 +0300]/html Infected: Trojan-Spy.HTML.Smitfraud.c skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Brian" <Brian@lose-it-fast.biz>][Date Mon, 27 Sep 2004 15:49:21 -0800]/html Infected: Trojan-Spy.HTML.Smitfraud.c skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Lucy" <Lucy@lose-it-fast.biz>][Date Wed, 29 Sep 2004 19:13:07 -0800]/text/[From Suntrust Bank <identdep_op42301704993@suntrust.com>][Date Thu, 30 Sep 2004 12:07:40 +0100]/html Infected: Trojan-Spy.HTML.Bankfraud.u skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Lucy" <Lucy@lose-it-fast.biz>][Date Wed, 29 Sep 2004 19:13:07 -0800]/text Infected: Trojan-Spy.HTML.Bankfraud.u skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED/[From "Vernon " <rzztpaxbmq@freemail.ru>][Date Sat, 02 Oct 2004 11:13:09 +0400]/html/[From "Antidote found in Crocodiles" <zytarqysmk@agt.net>][Date Sun, 03 Oct 2004 17:12:09 +0600]/UNNAMED/[From Citibank <antifraud.ref.num564773565@citibank.com>][Date Sun, 03 Oct 2004 11:37:52 -0200]/UNNAMED/html Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED/[From "Vernon " <rzztpaxbmq@freemail.ru>][Date Sat, 02 Oct 2004 11:13:09 +0400]/html/[From "Antidote found in Crocodiles" <zytarqysmk@agt.net>][Date Sun, 03 Oct 2004 17:12:09 +0600]/UNNAMED/[From Citibank <antifraud.ref.num564773565@citibank.com>][Date Sun, 03 Oct 2004 11:37:52 -0200]/UNNAMED Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED/[From "Vernon " <rzztpaxbmq@freemail.ru>][Date Sat, 02 Oct 2004 11:13:09 +0400]/html/[From "Antidote found in Crocodiles" <zytarqysmk@agt.net>][Date Sun, 03 Oct 2004 17:12:09 +0600]/UNNAMED Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED/[From "Vernon " <rzztpaxbmq@freemail.ru>][Date Sat, 02 Oct 2004 11:13:09 +0400]/html Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Documents and Settings\WFUR522005\Application Data\Thunderbird\Profiles\s3hlzqk3.default\Mail\mail.comcast.net\Trash Mail Berkeley mbox: infected - 10 skipped
C:\Documents and Settings\WFUR522005\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\dbc2e.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\dbdam Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\dbdao Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\dbeam Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\dbeao Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\dbm Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\dbu2d.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\dbvm.cf1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\dbvmh.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\fii.cf1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\fiih.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\hp Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\hpt2i.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\rpm.cf1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\rpm1m.cf1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\rpm1mh.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\rpmh.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\safeweb\goog-black-enchashm.cf1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\safeweb\goog-black-enchashmh.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\safeweb\goog-black-urlm.cf1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\safeweb\goog-black-urlmh.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\safeweb\goog-malware-domainm.cf1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\safeweb\goog-malware-domainmh.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\safeweb\goog-white-domainm.cf1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Google\Google Desktop\85b9de05b485\safeweb\goog-white-domainmh.ht1 Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\WFUR522005\Local Settings\History\History.IE5\MSHist012007111720071118\index.dat Object is locked skipped
C:\Documents and Settings\WFUR522005\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\WFUR522005\ntuser.dat.LOG Object is locked skipped
C:\logfiles\pfirewall.log Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-11-17.16-39-54.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\TEMP\bis10.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\TEMP\bis11.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\TEMP\bis144D.exe Infected: Trojan.Win32.Obfuscated.en skipped
mccodd3
2007-11-18, 06:52
C:\TEMP\~DFAD2D.tmp Object is locked skipped
C:\TEMPIE\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Brian" <Brian@lose-it-fast.biz>][Date Mon, 27 Sep 2004 15:49:21 -0800]/html/[From Smith Barney <identifdep_ref75899015999@smithbarney.com>][Date Tue, 28 Sep 2004 04:30:55 +0300]/html Infected: Trojan-Spy.HTML.Smitfraud.c skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Brian" <Brian@lose-it-fast.biz>][Date Mon, 27 Sep 2004 15:49:21 -0800]/html Infected: Trojan-Spy.HTML.Smitfraud.c skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Lucy" <Lucy@lose-it-fast.biz>][Date Wed, 29 Sep 2004 19:13:07 -0800]/text/[From Suntrust Bank <identdep_op42301704993@suntrust.com>][Date Thu, 30 Sep 2004 12:07:40 +0100]/html Infected: Trojan-Spy.HTML.Bankfraud.u skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Lucy" <Lucy@lose-it-fast.biz>][Date Wed, 29 Sep 2004 19:13:07 -0800]/text Infected: Trojan-Spy.HTML.Bankfraud.u skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED/[From "Vernon " <rzztpaxbmq@freemail.ru>][Date Sat, 02 Oct 2004 11:13:09 +0400]/html/[From "Antidote found in Crocodiles" <zytarqysmk@agt.net>][Date Sun, 03 Oct 2004 17:12:09 +0600]/UNNAMED/[From Citibank <antifraud.ref.num564773565@citibank.com>][Date Sun, 03 Oct 2004 11:37:52 -0200]/UNNAMED/html Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED/[From "Vernon " <rzztpaxbmq@freemail.ru>][Date Sat, 02 Oct 2004 11:13:09 +0400]/html/[From "Antidote found in Crocodiles" <zytarqysmk@agt.net>][Date Sun, 03 Oct 2004 17:12:09 +0600]/UNNAMED/[From Citibank <antifraud.ref.num564773565@citibank.com>][Date Sun, 03 Oct 2004 11:37:52 -0200]/UNNAMED Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED/[From "Vernon " <rzztpaxbmq@freemail.ru>][Date Sat, 02 Oct 2004 11:13:09 +0400]/html/[From "Antidote found in Crocodiles" <zytarqysmk@agt.net>][Date Sun, 03 Oct 2004 17:12:09 +0600]/UNNAMED Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED/[From "Vernon " <rzztpaxbmq@freemail.ru>][Date Sat, 02 Oct 2004 11:13:09 +0400]/html Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED/[From "JACQUELINE" <adellenott@superpstore.every1.net>][Date Fri, 01 Oct 2004 23:15:37 -0500]/UNNAMED Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash/[From "Irma Schafer" <PNVYCHQJZMK@lineone.net>][Date Fri, 01 Oct 2004 21:51:29 +0400]/UNNAMED Infected: Trojan-Spy.HTML.Citifraud.ai skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\mail.comcast-1.net\Trash Mail Berkeley mbox: infected - 10 skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Amazon.com" <video-store@amazon.com>][Date 12 Sep 2005 21:49:31 -0700]/UNNAMED/[From Carissa Ho <xkibrnlxsur@hotmail.com>][Date Wed, 14 Sep 2005 05:19:25 +0600]/UNNAMED/[From Hershel Oakes <zraolauehlc@yahoo.com>][Date Tue, 13 Sep 2005 17:27:42 -0600 ... /[From "Chase Man ... /[From eBay <support_ref_1588908775601@ebay.com>][Date Sat, 17 Sep 2005 08:16:23 -0400]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Amazon.com" <video-store@amazon.com>][Date 12 Sep 2005 21:49:31 -0700]/UNNAMED/[From Carissa Ho <xkibrnlxsur@hotmail.com>][Date Wed, 14 Sep 2005 05:19:25 +0600]/UNNAMED/[From Hershel Oakes <zraolauehlc@yahoo.com>][Date Tue, 13 Sep 2005 17:27:42 -0600 ... /[From "Chase Manh ... /[From "Fayad Joao" <Kenward@everymail.net>][Date Sat, 17 Sep 2005 04:22:09 +0000]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Amazon.com" <video-store@amazon.com>][Date 12 Sep 2005 21:49:31 -0700]/UNNAMED/[From Carissa Ho <xkibrnlxsur@hotmail.com>][Date Wed, 14 Sep 2005 05:19:25 +0600]/UNNAMED/[From Hershel Oakes <zraolauehlc@yahoo.com>][Date Tue, 13 Sep 2005 17:27:42 -0600 ... /[From "Chase Manh ... /[From "Jp Morgan Chase" <contact@chase.com>][Date Thu, 15 Sep 2005 18:13:57 -0300]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Amazon.com" <video-store@amazon.com>][Date 12 Sep 2005 21:49:31 -0700]/UNNAMED/[From Carissa Ho <xkibrnlxsur@hotmail.com>][Date Wed, 14 Sep 2005 05:19:25 +0600]/UNNAMED/[From Hershel Oakes <zraolauehlc@yahoo.com>][Date Tue, 13 Sep 2005 17:27:42 -0600 ... /[From "Chase Manhattan Bank Security Service" <security@chase.com>][Date Wed, 14 Sep 2005 12:59:27 -0200]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Amazon.com" <video-store@amazon.com>][Date 12 Sep 2005 21:49:31 -0700]/UNNAMED/[From Carissa Ho <xkibrnlxsur@hotmail.com>][Date Wed, 14 Sep 2005 05:19:25 +0600]/UNNAMED/[From Hershel Oakes <zraolauehlc@yahoo.com>][Date Tue, 13 Sep 2005 17:27:42 -0600]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Amazon.com" <video-store@amazon.com>][Date 12 Sep 2005 21:49:31 -0700]/UNNAMED/[From Carissa Ho <xkibrnlxsur@hotmail.com>][Date Wed, 14 Sep 2005 05:19:25 +0600]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Amazon.com" <video-store@amazon.com>][Date 12 Sep 2005 21:49:31 -0700]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Bruce" <sales@iomhq.org.uk>][Date Thu, 22 Sep 2005 06:19:07 +0000]/html/[From "service@paypal.com" <service@paypal.com>][Date Thu, 22 Sep 2005 11:27:25 -0700]/html Infected: Trojan-Spy.HTML.Paylap.ez skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Bruce" <sales@iomhq.org.uk>][Date Thu, 22 Sep 2005 06:19:07 +0000]/html/[From from 8bit to quoted-printable by f4n1.wfunet.wfu.edu id j8NDcQ1T008415][Date Fri, 23 Sep 2005 13:38:13 +0000]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Bruce" <sales@iomhq.org.uk>][Date Thu, 22 Sep 2005 06:19:07 +0000]/html/[From "Cecelia" <ass.urbanistica@testbest.net>][Date Sun, 25 Sep 2005 06:45:17 +0000]/html/[From eBay Inc <support_ref_715015811@ebay.com>][Date Mon, 26 Sep 2005 01:03:38 -0300]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Bruce" <sales@iomhq.org.uk>][Date Thu, 22 Sep 2005 06:19:07 +0000]/html/[From "Cecelia" <ass.urbanistica@testbest.net>][Date Sun, 25 Sep 2005 06:45:17 +0000]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From "Bruce" <sales@iomhq.org.uk>][Date Thu, 22 Sep 2005 06:19:07 +0000]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From GNC <info@gnccme.gncgoldcardclub.com>][Date Fri, 30 Sep 2005 02:11:19 -0400 (Eastern Daylight Time)]/UNNAMED/[From eBay Inc <supprefnum8216815@ebay.com>][Date Sat, 01 Oct 2005 11:14:59 +0500]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From GNC <info@gnccme.gncgoldcardclub.com>][Date Fri, 30 Sep 2005 02:11:19 -0400 (Eastern Daylight Time)]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From Live Nation <concertupdate@livenation.com>][Date 12 Jan 2006 02:48:42 -0000]/UNNAMED/[From Ticketmaster <newsletter@reply.ticketmaster.com>][Date 13 Jan 2006 01:21:59 -0800]/UNNAMED/[From eBay Inc <support_refnum_60812@ebay.com>][Date Mon, 16 Jan 2006 22:21:08 -0100]/UNNAMED/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From Live Nation <concertupdate@livenation.com>][Date 12 Jan 2006 02:48:42 -0000]/UNNAMED/[From Ticketmaster <newsletter@reply.ticketmaster.com>][Date 13 Jan 2006 01:21:59 -0800]/UNNAMED/[From eBay Inc <support_refnum_60812@ebay.com>][Date Mon, 16 Jan 2006 22:21:08 -0100]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From Live Nation <concertupdate@livenation.com>][Date 12 Jan 2006 02:48:42 -0000]/UNNAMED/[From Ticketmaster <newsletter@reply.ticketmaster.com>][Date 13 Jan 2006 01:21:59 -0800]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED/[From Live Nation <concertupdate@livenation.com>][Date 12 Jan 2006 02:48:42 -0000]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash/[From "Connected Living - New England" <connected_living@comcast.com>][Date Thu, 18 Aug 2005 14:27:14 -0400]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Userdata\Mozilla\zudmwfk9.slt\Mail\pop.wfu.edu1\Trash Mail Berkeley mbox: infected - 19 skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\Netlogon.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd5261.sys Object is locked skipped
C:\WINDOWS\system32\drivers\vaxscsi.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.