View Full Version : llehs.com and other pop up ads
starting about 3 days ago, my computer has been acting really weird. My computer has been acting unusually slow when it starts up and all I get is pop up spams of llehs.com and spyware sites tht claim "I have spyware" and force me to install their software (which, of course, I dont) I use 3 main security programs: AVG 7.5, Webroot Spy Sweeper and Spybot Search and Destroy. So far AVG has been spamming with a bunch of threats, Webroot cleaned out some spyware but I guess it still didnt do anything and neither did Spybot.
Here is my HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:05:06 PM, on 7/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\DOCUME~1\HAROON~1\LOCALS~1\Temp\{36814E7D-E399-4646-9E8F-6453EC9A4885}\Blaero Start Orb.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\PROGRA~1\MOZILL~2\FIREFOX.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Haroon Khalid\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://asia.search.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [VisualTooltip] "C:\Program Files\VisualTooltip\VisualToolTip.exe"
O4 - HKLM\..\Run: [Blaero Start Orb] "C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe"
O4 - HKLM\..\Run: [Styler] "C:\Program Files\Styler\Styler.exe"
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [icq.com] "rundll32.exe" "C:\WINDOWS\system32\sueoufcb.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: STK016 PNP Monitor.lnk = ?
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/0.9.0944.26/WinSSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.tricksteronline.com/control/KALogoutComponent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: Domain = stanford.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: NameServer = 171.64.7.55,171.64.7.77,171.64.7.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)
--
End of file - 10465 bytes
Hi Soniku
Rename HijackThis.exe to scanner.exe and post back a fresh HijackThis log, please :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:43:51 PM, on 7/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\DOCUME~1\HAROON~1\LOCALS~1\Temp\{3BDB54E4-8254-46A8-961A-B88B1CD554A6}\Blaero Start Orb.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Haroon Khalid\Desktop\scanner.exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://asia.search.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3F4F125D-F31E-4D37-AC35-E50128670469} - C:\WINDOWS\system32\vtutuvu.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8D9E7E74-B2EC-465B-A5BB-DE472031D3FA} - C:\WINDOWS\system32\pmnno.dll (file missing)
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\hkvprdvn.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [VisualTooltip] "C:\Program Files\VisualTooltip\VisualToolTip.exe"
O4 - HKLM\..\Run: [Blaero Start Orb] "C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe"
O4 - HKLM\..\Run: [Styler] "C:\Program Files\Styler\Styler.exe"
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\wnjqbjqq.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: STK016 PNP Monitor.lnk = ?
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/0.9.0944.26/WinSSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.tricksteronline.com/control/KALogoutComponent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: Domain = stanford.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: NameServer = 171.64.7.55,171.64.7.77,171.64.7.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: pmnno - C:\WINDOWS\system32\pmnno.dll (file missing)
O20 - Winlogon Notify: vtutuvu - vtutuvu.dll (file missing)
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)
--
End of file - 11355 bytes
Hi
Please download VundoFix.exe (http://www.atribune.org/ccount/click.php?id=4) to your desktop.
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.
Please post the contents of C:\vundofix.txt and a new HiJackThis log in a reply to this thread.
Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.
VundoFix V6.5.6
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.10
Java version is 1.5.0.11
Scan started at 12:04:52 PM 7/21/2007
Listing files found while scanning....
C:\windows\system32\hkvprdvn.dll
C:\WINDOWS\system32\onnmp.bak1
C:\WINDOWS\system32\onnmp.bak2
C:\WINDOWS\system32\onnmp.ini
C:\WINDOWS\system32\onnmp.ini2
C:\WINDOWS\system32\onnmp.tmp
C:\WINDOWS\system32\pmnno.dll
C:\windows\system32\qqjbqjnw.ini
C:\WINDOWS\system32\wnjqbjqq.dll
Beginning removal...
Attempting to delete C:\windows\system32\hkvprdvn.dll
C:\windows\system32\hkvprdvn.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\onnmp.bak1
C:\WINDOWS\system32\onnmp.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\onnmp.bak2
C:\WINDOWS\system32\onnmp.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\onnmp.ini
C:\WINDOWS\system32\onnmp.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\onnmp.ini2
C:\WINDOWS\system32\onnmp.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\onnmp.tmp
C:\WINDOWS\system32\onnmp.tmp Has been deleted!
Attempting to delete C:\windows\system32\qqjbqjnw.ini
C:\windows\system32\qqjbqjnw.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\wnjqbjqq.dll
C:\WINDOWS\system32\wnjqbjqq.dll Has been deleted!
Performing Repairs to the registry.
Done!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:19 PM, on 7/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\DOCUME~1\HAROON~1\LOCALS~1\Temp\{C617E2FF-2CE8-41C9-B45F-99E3F8048474}\Blaero Start Orb.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Mozilla Firefox 2 Beta 2\firefox.exe
C:\Documents and Settings\Haroon Khalid\Desktop\scanner.exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://asia.search.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3F4F125D-F31E-4D37-AC35-E50128670469} - C:\WINDOWS\system32\vtutuvu.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8D9E7E74-B2EC-465B-A5BB-DE472031D3FA} - C:\WINDOWS\system32\pmnno.dll (file missing)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [VisualTooltip] "C:\Program Files\VisualTooltip\VisualToolTip.exe"
O4 - HKLM\..\Run: [Blaero Start Orb] "C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe"
O4 - HKLM\..\Run: [Styler] "C:\Program Files\Styler\Styler.exe"
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: STK016 PNP Monitor.lnk = ?
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/0.9.0944.26/WinSSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.tricksteronline.com/control/KALogoutComponent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: Domain = stanford.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: NameServer = 171.64.7.55,171.64.7.77,171.64.7.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: pmnno - C:\WINDOWS\system32\pmnno.dll (file missing)
O20 - Winlogon Notify: vtutuvu - vtutuvu.dll (file missing)
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)
--
End of file - 11223 bytes
Hi
Open HijackThis, click do a system scan only and checkmark these:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {3F4F125D-F31E-4D37-AC35-E50128670469} - C:\WINDOWS\system32\vtutuvu.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8D9E7E74-B2EC-465B-A5BB-DE472031D3FA} - C:\WINDOWS\system32\pmnno.dll (file missing)
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O20 - Winlogon Notify: pmnno - C:\WINDOWS\system32\pmnno.dll (file missing)
O20 - Winlogon Notify: vtutuvu - vtutuvu.dll (file missing)
Close all windows including browser and press fix checked.
Reboot.
1. Download combofix from one of these links:
Link1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link2 (http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe)
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
Post:
- a fresh HijackThis log
- combofix report
"Haroon Khalid" - 2007-07-21 12:41:26 - ComboFix 07-07-14.6 - Service Pack 2 NTFS
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\HAROON~1\APPLIC~1.\addon.dat
C:\WINDOWS\msresearch1.dat
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\nm
((((((((((((((((((((((((( Files Created from 2007-06-21 to 2007-07-21 )))))))))))))))))))))))))))))))
2007-07-21 12:41 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-21 12:04 <DIR> d-------- C:\VundoFix Backups
2007-07-19 17:57 22,080 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sshrmd.sys
2007-07-19 17:57 21,056 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sskbfd.sys
2007-07-19 17:57 20,544 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SSFS0509.sys
2007-07-19 17:57 144,448 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ssidrv.sys
2007-07-19 17:56 <DIR> d-------- C:\DOCUME~1\HAROON~1\APPLIC~1\Webroot
2007-07-19 17:56 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot
2007-07-18 19:41 9,216 --a------ C:\WINDOWS\SYSTEM32\avgwlntf.dll
2007-07-18 18:57 110,592 --a------ C:\WINDOWS\SYSTEM32\avgfwafu.dll
2007-07-18 18:20 3,968 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgArCln.sys
2007-07-18 17:43 <DIR> d-------- C:\Program Files\Trend Micro
2007-07-17 19:19 <DIR> d-------- C:\Program Files\Lavasoft
2007-07-13 21:46 6 --a------ C:\tw0001.dat
2007-07-13 19:08 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-07-12 20:50 <DIR> d-------- C:\Program Files\iPod
2007-07-12 20:49 <DIR> d-------- C:\Program Files\iTunes
2007-07-12 19:39 <DIR> d-------- C:\Program Files\Error Repair Professional
2007-07-12 18:51 <DIR> d-------- C:\Program Files\MSN Messenger
2007-06-29 14:55 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-06-29 14:55 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-06-26 18:01 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
2007-06-26 11:34 <DIR> d-------- C:\Program Files\Windows Updates Downloader
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-07-20 03:05:38 -------- d-----w C:\DOCUME~1\HAROON~1\APPLIC~1\uTorrent
2007-07-20 01:35:02 -------- d-----w C:\Program Files\Mozilla Firefox 2 Beta 2
2007-07-19 22:37:07 -------- d-----w C:\Program Files\STK016_V2.01
2007-07-18 02:47:59 -------- d-----w C:\Program Files\7-Zip
2007-07-13 23:10:55 -------- d-----w C:\DOCUME~1\HAROON~1\APPLIC~1\Skype
2007-07-13 23:08:36 -------- d-----w C:\Program Files\Skype
2007-07-13 03:21:06 -------- d-----w C:\Program Files\World of Warcraft
2007-07-13 00:48:04 -------- d-----w C:\Program Files\QuickTime
2007-07-13 00:44:39 -------- d-----w C:\Program Files\Apple Software Update
2007-07-13 00:37:54 -------- d-----w C:\Program Files\RipCast 1.9
2007-07-13 00:36:49 -------- d-----w C:\Program Files\LimeWire
2007-07-13 00:35:53 -------- d-----w C:\Program Files\YPOPs
2007-07-03 01:07:07 -------- d-----w C:\Program Files\Mozilla Thunderbird
2007-06-26 21:10:26 -------- d-----w C:\Program Files\MagicISO
2007-06-26 15:39:27 10,436 -c--a-w C:\WINDOWS\mozver.dat
2007-06-18 01:01:36 -------- d-----w C:\Program Files\ATI Technologies
2007-06-18 00:28:54 2,644 ----a-w C:\WINDOWS\system32\d3d9caps.dat
2007-06-17 23:49:12 1,540 ----a-w C:\WINDOWS\system32\d3d8caps.dat
2007-06-17 23:25:40 -------- d-----w C:\DOCUME~1\HAROON~1\APPLIC~1\atitray
2007-06-17 23:12:13 -------- d-----w C:\Program Files\MultiRes
2007-06-17 23:11:01 451,072 ----a-w C:\WINDOWS\Radeon Omega Drivers v3.8.360 Uninstall.exe
2007-06-17 23:11:01 -------- d-----w C:\Program Files\Radeon Omega Drivers
2007-06-16 21:26:48 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-16 16:26:05 -------- d-----w C:\Program Files\Scions of Fate
2007-06-15 22:32:14 -------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2007-06-05 21:17:22 -------- d--h--w C:\Program Files\WindowsUpdate
2007-06-02 18:56:31 -------- d-----w C:\Program Files\Gpotato
2007-06-02 00:42:21 -------- d-----w C:\Program Files\nullDC
2007-06-01 22:33:29 -------- d-----w C:\Program Files\Free WMA to MP3 Converter
2007-06-01 22:33:15 -------- d-----w C:\Program Files\Image-Line
2007-06-01 22:32:23 -------- d-----w C:\Program Files\Cheat Engine
2007-05-31 23:30:22 266,088 ----a-w C:\WINDOWS\system32\xactengine2_8.dll
2007-05-31 23:29:42 18,280 ----a-w C:\WINDOWS\system32\x3daudio1_2.dll
2007-05-31 01:19:14 -------- d-----w C:\DOCUME~1\HAROON~1\APPLIC~1\Hamachi
2007-05-31 01:18:01 25,544 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-05-29 23:02:10 -------- d-----w C:\Program Files\AC Tool
2007-05-29 23:01:47 -------- d-----w C:\Program Files\DivX
2007-05-27 01:04:17 -------- d-----w C:\Program Files\VstPlugins
2007-05-24 00:24:10 -------- d-----w C:\Program Files\Power Tab Software
2007-05-17 21:30:48 318,976 ----a-w C:\WINDOWS\system32\avisynth.dll
2007-05-16 20:45:16 443,752 ----a-w C:\WINDOWS\system32\d3dx10_34.dll
2007-05-16 20:45:16 3,497,832 ----a-w C:\WINDOWS\system32\d3dx9_34.dll
2007-05-16 20:45:16 1,124,720 ----a-w C:\WINDOWS\system32\D3DCompiler_34.dll
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-14 19:24:30 394,240 ----a-w C:\WINDOWS\system32\Smab.dll
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-24 02:10:24 1,767 -c--a-w C:\WINDOWS\system32\sdbackup.reg
2007-01-06 03:47:31 0 -c--a-w C:\DOCUME~1\HAROON~1\APPLIC~1\TORplugin.dat
2006-02-05 22:29:15 184,680 -c--a-w C:\DOCUME~1\HAROON~1\APPLIC~1\shb.dat
2002-01-18 11:52:12 3,932 -c----w C:\DOCUME~1\HAROON~1\APPLIC~1\LMLayout.dat
2005-05-13 22:12:00 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-07-14 17:31:20 27,648 -csha-r C:\WINDOWS\SYSTEM32\AVSredirect.dll
2005-06-26 20:32:28 616,448 -csha-r C:\WINDOWS\SYSTEM32\cygwin1.dll
2005-06-22 03:37:42 45,568 -csha-r C:\WINDOWS\SYSTEM32\cygz.dll
2006-05-03 09:06:54 163,328 --sh--r C:\WINDOWS\SYSTEM32\flvDX.dll
2004-01-25 05:00:00 70,656 -csha-r C:\WINDOWS\SYSTEM32\i420vfw.dll
2007-02-21 10:47:16 31,232 --sh--r C:\WINDOWS\SYSTEM32\msfDX.dll
2006-10-12 03:09:39 94,208 -csha-w C:\WINDOWS\SYSTEM32\SalaatTime.dll
2005-02-28 18:16:22 240,128 -csha-r C:\WINDOWS\SYSTEM32\x.264.exe
2004-01-25 05:00:00 70,656 --sha-r C:\WINDOWS\SYSTEM32\yv12vfw.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 01:04 853672 --a------ C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
2006-10-27 00:48 2210608 --a------ C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-07-12 04:00 501136 --a------ C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-03-05 14:17]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"AtiPTA"="atiptaxx.exe" [2006-02-21 20:05 C:\WINDOWS\SYSTEM32\atiptaxx.exe]
"VisualTooltip"="C:\Program Files\VisualTooltip\VisualToolTip.exe" [2006-10-06 10:21]
"Blaero Start Orb"="C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe" [2006-07-30 20:32]
"Styler"="C:\Program Files\Styler\Styler.exe" [2006-05-03 11:48]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-07-18 19:41]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 16:41]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=1 (0x1)
"AllowUnhashedWebView"=1 (0x1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL" [2006-10-27 00:48]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll --a------ 2007-07-18 19:41 9216 C:\WINDOWS\SYSTEM32\avgwlntf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll --a------ 2007-06-04 20:26 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1e0d732-865f-11db-a1ee-000bdb81b02e}]
AutoRun\command- D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dbf37642-7f37-11db-a1d9-000bdb81b02e}]
AutoRun\command- G:\SETUP.EXE
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F52A6CEE-DBD6-3EC2-6A74-D6E92795C440}
C:\WINDOWS\system32/m01ti2\server.exe s
Contents of the 'Scheduled Tasks' folder
2007-07-19 03:26:15 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-07-21 01:00:05 C:\WINDOWS\tasks\Disk Cleanup.job
2007-07-21 00:00:02 C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (DCN07L31-Haroon Khalid).job
2007-07-21 16:51:23 C:\WINDOWS\tasks\Windows Media Player.job
2005-11-05 18:57:28 C:\WINDOWS\tasks\XoftSpy.job
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-21 12:52:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-07-21 12:57:46 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-21 12:56
--- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:03:12 PM, on 7/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\DOCUME~1\HAROON~1\LOCALS~1\Temp\{2ECE5A29-D3C5-4F89-AB02-725C9972C841}\Blaero Start Orb.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Mozilla Firefox 2 Beta 2\firefox.exe
C:\Documents and Settings\Haroon Khalid\Desktop\scanner.exe.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://asia.search.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [VisualTooltip] "C:\Program Files\VisualTooltip\VisualToolTip.exe"
O4 - HKLM\..\Run: [Blaero Start Orb] "C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe"
O4 - HKLM\..\Run: [Styler] "C:\Program Files\Styler\Styler.exe"
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: STK016 PNP Monitor.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/0.9.0944.26/WinSSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.tricksteronline.com/control/KALogoutComponent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: Domain = stanford.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: NameServer = 171.64.7.55,171.64.7.77,171.64.7.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)
--
End of file - 10144 bytes
Hi
Please make sure that you can view all hidden files. Instructions on how to do this can be found here:
How to see hidden files in Windows (http://www.xtra.co.nz/help/0,,4155-1916458,00.html)
Please click this link-->Jotti (http://virusscan.jotti.org/)
When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.
C:\WINDOWS\system32\m01ti2\server.exe
Please post back the results of the scan in your next post.
If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/flash/index_en.html
I've tried the steps to show all hidden files and browsed for server.exe but the only thing that appears in m01ti2 folder is klog
Hi
Then just copy/paste file path with filename to jotti/virustotal and click submit.
I tried both sites just to be sure and scanned inside the folder. The folder has no viruses.
Hi
Ok.
Please do an online scan with Kaspersky Online Scanner (http://www.kaspersky.com/downloads/kws/kavwebscan.html). You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
The program will launch and then start to download the latest definition files.
Once the scanner is installed and the definitions downloaded, click Next.
Now click on Scan Settings
In the scan settings make sure that the following are selected:
o Scan using the following Anti-Virus database:
+ Extended (If available otherwise Standard)
o Scan Options:
+ Scan Archives
+ Scan Mail Bases
Click OK
Now under select a target to scan select My Computer
The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button
Save the file to your desktop.
Copy and paste that information in your next post.
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.
Post:
- a fresh HijackThis log
- kaspersky report
KASPERSKY ONLINE SCANNER REPORT
Monday, July 23, 2007 10:05:10 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 24/07/2007
Kaspersky Anti-Virus database records: 366931
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 132436
Number of viruses found 19
Number of infected objects 306
Number of suspicious objects 2
Duration of the scan process 04:00:25
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\AvgFwLog.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\AvgFwLog.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Documents\DESKTOP.INI Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\AlbumArtSmall.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\AlbumArt_{79D3A434-2D93-4194-AD18-F79744B5CF43}_Large.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\AlbumArt_{79D3A434-2D93-4194-AD18-F79744B5CF43}_Small.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Folder.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\My Playlists\New Playlist.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\My Playlists\Send To Playlist.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\My Playlists\Sonic Favorites.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\My Playlists\Um...wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArtSmall.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArt_{08115859-E625-4BCD-83A8-57E01873B42F}_Large.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArt_{08115859-E625-4BCD-83A8-57E01873B42F}_Small.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Large.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Small.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Beethoven's Symphony No. 9 (Scherzo).wma Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\DESKTOP.INI Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Folder.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\New Stories (Highway Blues).wma Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Thumbs.db Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- 4 and 5 star rated.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- Have not heard recently.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- Listen to late at night.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- Listen to on Weekdays.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- Listen to on Weekends.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- One Audio CD worth.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- One Data CD-R worth.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Fresh tracks -- yet to be played.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Fresh tracks -- yet to be rated.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Fresh tracks.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\High bitrate media in my library.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Low bitrate media in my library.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Music tracks I dislike.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Music tracks I have not rated.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Music tracks with content protection.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\01_Music_auto_rated_at_5_stars.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\02_Music_added_in_the_last_month.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\03_Music_rated_at_4_or_5_stars.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\04_Music_played_in_the_last_month.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\05_Pictures_taken_in_the_last_month.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\06_Pictures_rated_4_or_5_stars.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\07_TV_recorded_in_the_last_week.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\08_Video_rated_at_4_or_5_stars.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\09_Music_played_the_most.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\10_All_Music.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\11_All_Pictures.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\12_All_Video.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Blue hills.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\DESKTOP.INI Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Sunset.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Water lilies.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Winter.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\America Online 8.0.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Dell Jukebox by musicmatch.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\E-mail.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Launch Internet Explorer Browser.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\playo Quick Help.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Shortcut (2) to Show Desktop.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Shortcut to Show Desktop.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Windows Media Player.lnk Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\cert8.db Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\flashgot.log Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\history.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\key3.db Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\parent.lock Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 06:37:02 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 01:23:38 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 13:30:44 - ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 19:19:08 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 00:24:29 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 04:15:13 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdonald ][Date Sat, 20 Jan 2007 09:03:42 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdo ... /[From Louie ][Date Fri, 19 Jan 2007 13:05:23 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdo ... /[From Louie ][Date Fri, 19 Jan 2007 13:05:23 +020 ... /text Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdo ... /[From Louie ][Date Fri, 19 Jan 2007 13:05:23 +020 ... /text Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdo ... /[From Louie ][Date Fri, 19 Jan 2007 13:05:23 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdonald ][Date Sat, 20 Jan 2007 09:03:42 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdonald ][Date Sat, 20 Jan 2007 09:03:42 +090 ... /html Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdonald ][Date Sat, 20 Jan 2007 09:03:42 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... / ... ... /[From recount ][Date Sat, 13 Jan 2007 13:37:16 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... / ... /[From "Calv ... /[From "Harvey" ][Date Wed, 1 Jan 2003 02:19:17 +0200]/text Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... / ... /[From "Calvin Patterson" ][Date Thu, 01 Jan 2004 00:49:26 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From "Claude Hendrickson" ][Date Fri, 30 Jan 2004 18:58:44 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... /[From Lizzie Mobley ][Date Mon, 1 Jan 2007 20:23:01 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... /[From Lizzie Mobley ][Date Mon, 1 Jan 2007 20:23:01 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... /[From "David Graham" ][Date Tue, 02 Jan 2007 10:43:25 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " ... /[From "Rodney Diaz" ][Date Tue, 02 Jan 2007 10:15:35 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Travis Hunter" ][Date Tue, 02 Jan 2007 11:58:74 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... ... ... /[From "Marvin" ][Date Tue, 02 Jan 2007 15:26:59 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... ... /[From frosted ][Date Tue, 2 Jan 2007 12:50:45 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... / .. ... /[From "Jeffery Howard" ][Date Tue, 02 Jan 2007 05:14:10 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... / ... /[From Merrill Patty ][Date Tue, 2 Jan 2007 14:31:21 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... /[From "S ... /[From "Randall" ][Date Tue, 02 Jan 2007 19:22:49 -0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... /[From "Samuel Perry" ][Date Wed, 03 Jan 2007 13:29:41 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[From "Maryellen Mills" ][Date Wed, 03 Jan 2007 08:56:37 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Howard L. Tibbie" ][Date Wed, 3 Jan 2007 09:15:52 +0000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... ... /[From "Jeff" ][Date Wed, 03 Jan 2007 15:30:54 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[Fro . ... /[From "Alexander" ][Date Wed, 03 Jan 2007 15:24:49 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[Fro ... /[From Armstrong ][Date Wed, 3 Jan 2007 18:42:15 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[Fro ... /[From "Jim Brooks" ][Date Wed, 03 Jan 2007 11:58:18 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[From "J ... /[From Adrian Kuhn ][Date Wed, 3 Jan 2007 20:45:21 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[From "James Rivera" ][Date Wed, 03 Jan 2007 22:41:37 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... ... /[ ... /[Fr ... /[From "Fifth Third Bank" ]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... ... /[ ... /[From "Scott" ][Date Thu, 04 Jan 2007 16:13:58 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... ... /[From "Lilian Bryant" ][Date Thu, 4 Jan 2007 22:05:18 +0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... /[Fr ... /[From "Jose" ][Date Thu, 04 Jan 2007 17:28:32 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... /[From Delacruz K. Emily ][Date Thu, 4 Jan 2007 11:51:21 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[Fr ... /[From "Randall Ellis" ][Date Fri, 05 Jan 2007 00:59:41 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[From Hannah R. Glover ][Date Thu, 4 Jan 2007 22:00:18 +0000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fro ... /[From "Clifton Goodwin" ][Date Thu, 04 Jan 2007 14:18:00 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " ... /[From "Leroy Simmons" ][Date Fri, 05 Jan 2007 03:57:56 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... ... /[From "judge" ][Date Fri, 5 Jan 2007 12:20:28 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... ... /[From "Pineda Isidore" ][Date Fri, 5 Jan 2007 18:08:34 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... /[From "Cathryn" ][Date Fri, 05 Jan 2007 10:52:53 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " ... /[From "Oscar Campbell" ][Date Fri, 05 Jan 2007 16:39:43 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... ... /[From "Basil R. Hollis" ][Date Fri, 5 Jan 2007 04:20:42 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... ... /[From "Qasim Wieder" ][Date Fri, 5 Jan 2007 13:48:02 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... ... /[From Christy Bryant ][Date Fri, 5 Jan 2007 19:17:50 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... ... /[From Christy Bryant ][Date Fri, 5 Jan 2007 19:17:50 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... /[ ... /[From "Kitty U. Boggs" ][Date Sat, 6 Jan 2007 00:06:16 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... /[From "Bab F. Christian" ][Date Sat, 6 Jan 2007 11:37:44 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La ... ... /[From Wolfe ][Date Sat, 6 Jan 2007 15:53:34 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La ... /[From "Leonard Watson" ][Date Sat, 06 Jan 2007 11:05:46 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Lakeshia Walker" ... /[From "Bella" ][Date Sat, 6 Jan 2007 05:38:31 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Lakeshia Walker" ][Date Sat, 06 Jan 2007 13:07:30 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . .. ... /[From "Fred Edwards" ][Date Sat, 06 Jan 2007 12:21:68 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . ... /[ .. ... /[From "Sharp Emmanuel" ][Date Sat, 6 Jan 2007 18:51:18 +0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . ... /[ ... ... /[From "Elissa" ][Date Sat, 06 Jan 2007 16:27:46 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . ... /[ ... /[From Francisca Yates ][Date Sat, 6 Jan 2007 13:06:59 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . ... /[From Bernice Stokes ][Date Sun, 7 Jan 2007 03:11:47 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... ... /[From ... /[From hamlet ][Date Sat, 6 Jan 2007 19:39:25 - ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... ... /[From ... /[From hamlet ][Date Sat, 6 Jan 2007 19:39:25 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... ... /[From "Lee Crawford" ][Date Sat, 06 Jan 2007 23:22:71 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[F ... /[From "Tamatha Henry" ][Date Sun, 07 Jan 2007 07:37:47 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[F ... /[Fro ... /[From "Travis Hayes" ][Date Sun, 07 Jan 2007 14:34:23 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[F ... /[From "Francesca Strickland" ][Date Sun, 7 Jan 2007 11:29:16 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[From "Fleming ... /[From Ned ][Date Sun, 7 Jan 2007 03:07:06 - ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[From "Fleming ... /[From Ned ][Date Sun, 7 Jan 2007 03:07:06 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[From "Fleming Q. Dickie" ][Date Sun, 7 Jan 2007 13:43:37 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. . ... /[From "Harriet Stallings" ][Date Sun, 7 Jan 2007 19:56:06 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[From "Walter Collins" ][Date Sun, 07 Jan 2007 12:10:37 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... .. ... /[From "Penny" ][Date Sun, 7 Jan 2007 22:00:33 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... .. ... ... /[From "Thomas" ][Date Mon, 08 Jan 2007 13:45:43 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... .. ... /[From Micky H. Gay ][Date Mon, 8 Jan 2007 16:16:40 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... ... /[From "Steven Woods" ][Date Mon, 08 Jan 2007 21:13:11 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... /[From Randi Doyle ][Date Mon, 8 Jan 2007 08:57:00 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... / ... /[ ... /[From Rory Lay ][Date Mon, 8 Jan 2007 15:57:51 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... / ... /[From Julius Irving ][Date Mon, 8 Jan 2007 12:04:03 -0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... /[F ... /[F ... /[From "Jem" ][Date Mon, 8 Jan 2007 16:58:13 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... /[F ... /[From "Atiya Hutchcraft" ][Date Mon, 8 Jan 2007 15:44:33 -0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... /[From "Me ... /[From Witt Martha ][Date Mon, 8 Jan 2007 21:16:32 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... /[From "Meggy F. Collier" ][Date Mon, 8 Jan 2007 22:00:56 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From "Eugene" ][Date Wed, 10 Jan 2007 01:13:65 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[From "Rozella Morgan" ][Date Tue, 09 Jan 2007 07:44:00 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... / ... /[From "Kandi Rogers" ][Date Tue, 09 Jan 2007 15:32:25 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[F ... /[From "Christopher Ortiz" ][Date Tue, 09 Jan 2007 19:31:28 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[From Sharon Obrien ][Date Tue, 9 Jan 2007 13:35:07 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[From ... /[From Foster Rodrigues ][Date Tue, 9 Jan 2007 20:35:44 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[From "Karren Miller" ][Date Tue, 09 Jan 2007 22:41:04 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . . ... ... /[From "Hannah D. Frederick" ][Date Tue, 9 Jan 2007 19:02:18 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . . ... /[From "Leon" ][Date Wed, 10 Jan 2007 03:13:47 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[From "Connor L. Ike" ][Date Wed, 10 Jan 2007 10:07:20 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / . ... /[From "gamengame" ][Date Wed, 10 Jan 2007 16:06:18 +0900 (KST)]/html Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From "Tony Reed" ][Date Wed, 10 Jan 2007 09:18:21 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[Fro ... /[From "Carl" ][Date Wed, 10 Jan 2007 02:25:27 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From "Francis Peterson" ][Date Wed, 10 Jan 2007 03:18:12 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / . ... ... /[From Cyrus E. Nix ][Date Wed, 10 Jan 2007 20:49:26 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / . ... ... /[From Cyrus E. Nix ][Date Wed, 10 Jan 2007 20:49:26 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / . ... /[From "Stevens" ][Date Wed, 10 Jan 2007 21:28:59 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... / ... /[From "Shelley CRABTREE" ][Date Wed, 10 Jan 2007 18:08:32 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[Fro ... /[From "Charissa" ][Date Thu, 11 Jan 2007 06:36:03 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From "Craig Brown" ][Date Wed, 10 Jan 2007 22:03:15 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / .. ... /[ ... /[From doorway ][Date Thu, 11 Jan 2007 09:23:15 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / .. ... /[Fro ... /[From "Thu" ][Date Thu, 11 Jan 2007 10:47:46 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / .. ... /[From "Adam Martinez" ][Date Thu, 11 Jan 2007 15:25:27 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From Frost G. Valentine ][Date Thu, 11 Jan 2007 14:37:12 +0000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[From "J ... /[From "Lawrence" ][Date Thu, 11 Jan 2007 22:02:46 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[From "Jackie Fuller" ][Date Thu, 11 Jan 2007 12:41:28 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fro . ... /[From "Rodney Adams" ][Date Thu, 11 Jan 2007 22:01:56 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fro ... /[From "Trina Krueger" ][Date Fri, 12 Jan 2007 19:56:09 +0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Christopher Martinez" ][Date Fri, 12 Jan 2007 21:05:23 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[Fro ... /[From "Russell Cox" ][Date Sat, 13 Jan 2007 01:08:21 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates < ... /[From "Kevin Gibson" ][Date Fri, 12 Jan 2007 16:41:64 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates ][Date Sun, 31 Dec 2006 17:32:57 - ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates ][Date Sun, 31 Dec 2006 17:32:57 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates ][Date Fri, 5 Jan 2007 13:43:28 -0800 (PST)]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "New MySpace Comment" <03|i|0eem8e8a|h.2ln ... /[From accounts@wowscape.net][Date Sat, 06 Jan 2007 22:07:56 -0500]/text Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "New MySpace Comment" <03|i|0eem8e8a|h.2lnxag|_|o2.jjsxjt@message.myspac ... /[From - Fri Jan 12 22:51:02 2007]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "New MySpace Comment" <03|i|0eem8e8a|h.2lnxag|_|o2.jjsxjt@message.myspace.com>][Date 8 Jan 2007 14:34:11 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Th ... /[From "New MySpace Message" <03|p|mgm99i8g|h.2lnxag|_|o2.jjsxjt@message.myspace.com>][Date 10 Jan 2007 23:12:36 -0800]/text Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 26 Dec 2006 11:54:35 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 26 Dec 2006 15:04:36 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 26 Dec 2006 07:08:00 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 26 Dec 2006 11:49:04 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 15:43:21 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 13:00:24 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 19:47:21 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 17:08:36 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 19:25:31 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 08:44:17 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 28 Dec 2003 01:49:62 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 02:57:51 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 19:01:57 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 21:54:56 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 01:28:16 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 10:59:08 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 15:44:00 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 18:32:45 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 09:02:04 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 18:03:22 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 18:50:55 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 08:15:57 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 10:28:09 +1000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 04:15:13 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 08:18:40 +0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 10:41:33 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 14:40:12 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 17:12:47 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 14:19:31 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 05:57:09 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 07:15:60 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 09:54:57 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 19:38:36 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 02:55:06 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 29 Jan 2004 22:39:62 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 04:57:29 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 15:11:50 +0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 16:19:43 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 14:34:10 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 09:15:54 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 00:24:29 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 19:19:08 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 13:30:44 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 00:56:41 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 01:23:38 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 12:08:11 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 06:36:52 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 06:37:02 +0000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 10:52:19 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 21:03:53 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 13:39:54 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 00:07:14 - ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 01:00:37 - ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 01:00:37 - ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 08:57:37 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 19:04:45 + ... /UNNAMED Infected: Trojan-Proxy.Win32.Lager.dp skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 23 Jan 2007 01:05:28 + ... /UNNAMED Infected: Trojan-Proxy.Win32.Lager.dp skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 28 Jan 2007 20:11:55 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.h skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 25 Jan 2007 21:22:17 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.d skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 29 Jan 2007 14:18:56 -0800 (PST)]/html Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 25 Jan 2007 05:00:28 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 25 Jan 2007 09:52:19 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 25 Jan 2007 11:44:01 +0100]/text Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 25 Jan 2007 13:02:23 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 25 Jan 2007 20:39:05 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 25 Jan 2007 06:52:09 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 25 Jan 2007 21:00:48 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 25 Jan 2007 21:22:17 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 26 Jan 2007 06:01:49 +0200]/text Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 26 Jan 2007 15:22:47 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 26 Jan 2007 20:09:53 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 27 Jan 2007 04:01:08 -060 ... /html Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 27 Jan 2007 04:01:08 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 27 Jan 2007 13:00:46 - ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 27 Jan 2007 13:00:46 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 27 Jan 2007 22:41:39 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 28 Jan 2007 14:32:34 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 28 Jan 2007 20:11:55 +0000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 29 Jan 2007 21:10:28 +0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 19 Jan 38 03:14:07 GMT]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 23 Jan 2007 23:17:53 +0000]/text Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 23 Jan 2007 22:30:49 +0000]/text Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 23:04:22 -0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 22:00:45 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 23 Jan 2007 14:09:48 +0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 23 Jan 2007 22:30:49 +0000]/text Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 23:04:22 -0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 22:00:45 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 23 Jan 2007 14:09:48 +0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 23 Jan 2007 01:19:08 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 22:15:49 +0000]/text Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 14:09:07 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 12:13:22 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 17:20:08 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 23 Jan 2007 01:05:28 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 19:04:45 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 20 Jan 2007 22:42:42 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 08:57:37 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 01:00:37 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 00:07:14 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 22 Jan 2007 09:39:77 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 17:13:14 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.ciw skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 8 Feb 2007 21:31:43 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.t skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 6 Feb 2007 17:11:12 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 6 Feb 2007 17:11:12 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 6 Feb 2007 16:38:21 -0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 14:45:39 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 22:22:30 +080 ... /html Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 22:22:30 +0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 07:17:02 -0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 08 Feb 2007 08:33:37 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 18:37:57 -0500]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 11:14:16 -0500]/text Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 8 Feb 2007 21:31:43 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 8 Feb 2007 21:31:43 +0000]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 6 Feb 2007 17:11:12 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 6 Feb 2007 17:11:12 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 6 Feb 2007 16:38:21 -0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 14:45:39 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 22:22:30 +080 ... /html Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 22:22:30 +0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 07:17:02 -0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 08 Feb 2007 08:33:37 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 7 Feb 2007 18:37:57 -0500]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 11:14:16 -0500]/text Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 8 Feb 2007 21:31:43 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 8 Feb 2007 21:31:43 +0000]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 9 Feb 2007 15:33:02 +0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 9 Feb 2007 20:08:18 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 09 Feb 2007 23:06:46 +0300]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 06:49:17 +0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 03:20:39 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 9 Feb 2007 21:46:07 -0500]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 08:59:23 +0200]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 09:41:20 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 09:56:32 +0000]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 22:45:22 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 16:48:10 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 08:19:26 -0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 17:33:23 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 17:39:33 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 17:42:49 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 13:30:39 -0500]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 07:41:59 +0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 08:45:05 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 01:37:31 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 8 Feb 2007 21:31:43 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 8 Feb 2007 21:31:43 +0000]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 9 Feb 2007 15:33:02 +0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 9 Feb 2007 20:08:18 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 09 Feb 2007 23:06:46 +0300]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 06:49:17 +0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 03:20:39 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 9 Feb 2007 21:46:07 -0500]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 08:59:23 +0200]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 09:41:20 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 09:56:32 +0000]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 22:45:22 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 16:48:10 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 08:19:26 -0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 17:33:23 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 17:39:33 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 17:42:49 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 10 Feb 2007 13:30:39 -0500]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 07:41:59 +0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 08:45:05 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 01:37:31 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 00:06:32 -0200]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 15:17:50 +1300]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 14:48:36 +0400]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 14:33:07 +0000]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 17:49:28 +0200]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 11 Feb 2007 11:12:58 -0500]/text Infected: Email-Worm.Win32.Zhelatin.r skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thom ... /[From Columbia University Un ... / ... /[From Support Team ][Date Thu, 12 Apr 2007 15: ... /patch-2316.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thom ... /[From Columbia University Un ... / ... /[From Support Team ][Date Thu, 12 Apr 2007 15:48:24 -0400]/UNNAMED Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thom ... /[From Columbia University Un ... ... /[From Ninon Q. Lord ][Date Thu, 12 Apr 2007 19:01:20 +0400]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thom ... /[From Columbia University Un ... /[Fr ... /[From Support Team ][Date Thu, 12 Apr 2007 15:48:24 -0400]/text Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thom ... /[From Columbia University Un ... /[From "Leah Combs" ][Date Fri, 13 Apr 2007 04:54:09 +0800]/text Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thom ... /[From Columbia University Undergraduate Admissions][Date Fri, 13 Apr 2007 12:09:28 -0400]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 13 Apr 2007 11:17:30 -0700]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 13 Apr 2007 19:38:55 -0600]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 14 Apr 2007 10:17:49 +0200]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 9 Dec 2006 23:28:11 - .. ... /html Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 9 Dec 2006 23:28:11 - ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 9 Dec 2006 23:28:11 -0500]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 10 Dec 2006 15:21:54 +0900]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 10 Dec 2006 12:32:58 +0200]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 10 Dec 2006 15:50:30 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 10 Dec 2006 21:52:44 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 11 Dec 2006 00:37:15 +0200]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 10 Dec 2006 23:44:21 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 11 Dec 2006 10:54:15 +0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 11 Dec 2006 13:39:61 +0530]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 11 Dec 2006 13:56:11 +0200]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 11 Dec 2006 15:02:33 +0300]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 11 Dec 2006 14:34:05 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 11 Dec 2006 14:43:42 +0100]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Mon, 11 Dec 2006 07:13:00 -1200]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED Infected: Email-Worm.Win32.Zhelatin.ct skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox Mail Berkeley mbox: infected - 291, suspicious - 2 skipped
C:\Documents and Settings\Haroon Khalid\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Temp\Perflib_Perfdata_83c.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Temp\Perflib_Perfdata_e4c.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Temp\Perflib_Perfdata_e54.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\ntuser.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\mIRC\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.617 skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
C:\Program Files\mIRC\mirc.exe.bak Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
C:\Program Files\Mozilla Firefox\plugins\NPNd2fn.dll Object is locked skipped
C:\Program Files\Stardock\Object Desktop\WindowBlinds\WB5.5e Patch.exe Object is locked skipped
C:\Program Files\TightVNC\VNCHooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.b skipped
C:\Program Files\TightVNC\WinVNC.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.h skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.mst Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1028\A1798275.exe Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1028\A1800223.exe/data.rar/bpkhk.dll Infected: not-a-virus:Monitor.Win32.Perflogger.163 skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1028\A1800223.exe/data.rar Infected: not-a-virus:Monitor.Win32.Perflogger.163 skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1028\A1800223.exe RarSFX: infected - 2 skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1031\A1804279.exe Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1033\A1804345.exe Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1033\A1804358.exe Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1033\A1807256.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1033\A1808272.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1033\A1808277.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1033\A1809429.exe Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1817326.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1817339.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1817340.exe Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1817341.sys Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1817342.exe Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1817347.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1820347.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1822357.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1822367.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1825394.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1825395.dll Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\A1825396.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1036\change.log Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP988\A1683591.exe Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP988\A1683593.exe Object is locked skipped
C:\VundoFix Backups\hkvprdvn.dll.bad Infected: Trojan.Win32.BHO.bd skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\AKL.006 Infected: not-a-virus:Monitor.Win32.Ardamax.20 skipped
C:\WINDOWS\SYSTEM32\AKL.007 Infected: not-a-virus:Monitor.Win32.Ardamax.20 skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\closeapp.exe Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\ACEEvent.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\ODiag.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\OSession.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\vimc.exe/WISE0005.BIN Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
C:\WINDOWS\SYSTEM32\vimc.exe WiseSFX: infected - 1 skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:46 PM, on 7/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\DOCUME~1\HAROON~1\LOCALS~1\Temp\{1E70DB70-3165-4D35-BFD6-33CDABFEEB94}\Blaero Start Orb.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MOZILL~2\FIREFOX.EXE
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
c:\program files\aim6\anotify.exe
C:\Documents and Settings\Haroon Khalid\Desktop\scanner.exe.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://asia.search.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [VisualTooltip] "C:\Program Files\VisualTooltip\VisualToolTip.exe"
O4 - HKLM\..\Run: [Blaero Start Orb] "C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe"
O4 - HKLM\..\Run: [Styler] "C:\Program Files\Styler\Styler.exe"
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: STK016 PNP Monitor.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/0.9.0944.26/WinSSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.tricksteronline.com/control/KALogoutComponent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: Domain = stanford.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: NameServer = 171.64.7.55,171.64.7.77,171.64.7.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)
--
End of file - 10418 bytes
Hi
Are you aware of keylogger presence in your system?
C:\WINDOWS\SYSTEM32\AKL.006 Infected: not-a-virus:Monitor.Win32.Ardamax.20 skipped
C:\WINDOWS\SYSTEM32\AKL.007 Infected: not-a-virus:Monitor.Win32.Ardamax.20 skipped
O_O" KEYLOGGER?! Well that's a shocker
Hi
If not, do you like me to continue cleaning your computer or do you like to format and re-install?
Continue cleaning, thanks for letting me know about that though.
Hi
Then you should change all online passwords (from another computer) and contact credit card company/bank if you have used their services via this computer.
Delete all mails like this via thunderbird (see complete list in kaspersky report, make sure to empty recycle bin, too):
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 06:37:02 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
Empty this folder:
C:\VundoFix Backups
Delete these:
C:\WINDOWS\SYSTEM32\AKL.006
C:\WINDOWS\SYSTEM32\AKL.007
Empty Recycle Bin
Re-scan with kaspersky
Post:
- a fresh HijackThis log
- kaspersky report
Due to the lack of feedback this Topic is closed.
If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.
Everyone else please begin a New Topic.