llehs.com and other pop up ads

S

Soniku

New member
starting about 3 days ago, my computer has been acting really weird. My computer has been acting unusually slow when it starts up and all I get is pop up spams of llehs.com and spyware sites tht claim "I have spyware" and force me to install their software (which, of course, I dont) I use 3 main security programs: AVG 7.5, Webroot Spy Sweeper and Spybot Search and Destroy. So far AVG has been spamming with a bunch of threats, Webroot cleaned out some spyware but I guess it still didnt do anything and neither did Spybot.

Here is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:05:06 PM, on 7/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\DOCUME~1\HAROON~1\LOCALS~1\Temp\{36814E7D-E399-4646-9E8F-6453EC9A4885}\Blaero Start Orb.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\PROGRA~1\MOZILL~2\FIREFOX.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Haroon Khalid\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://asia.search.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [VisualTooltip] "C:\Program Files\VisualTooltip\VisualToolTip.exe"
O4 - HKLM\..\Run: [Blaero Start Orb] "C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe"
O4 - HKLM\..\Run: [Styler] "C:\Program Files\Styler\Styler.exe"
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [icq.com] "rundll32.exe" "C:\WINDOWS\system32\sueoufcb.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: STK016 PNP Monitor.lnk = ?
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/0.9.0944.26/WinSSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.tricksteronline.com/control/KALogoutComponent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: Domain = stanford.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: NameServer = 171.64.7.55,171.64.7.77,171.64.7.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)

--
End of file - 10465 bytes
 
Hi Soniku

Rename HijackThis.exe to scanner.exe and post back a fresh HijackThis log, please :)
 
Here you go ^_^

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:43:51 PM, on 7/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\DOCUME~1\HAROON~1\LOCALS~1\Temp\{3BDB54E4-8254-46A8-961A-B88B1CD554A6}\Blaero Start Orb.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Haroon Khalid\Desktop\scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://asia.search.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3F4F125D-F31E-4D37-AC35-E50128670469} - C:\WINDOWS\system32\vtutuvu.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8D9E7E74-B2EC-465B-A5BB-DE472031D3FA} - C:\WINDOWS\system32\pmnno.dll (file missing)
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\hkvprdvn.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [VisualTooltip] "C:\Program Files\VisualTooltip\VisualToolTip.exe"
O4 - HKLM\..\Run: [Blaero Start Orb] "C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe"
O4 - HKLM\..\Run: [Styler] "C:\Program Files\Styler\Styler.exe"
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\wnjqbjqq.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: STK016 PNP Monitor.lnk = ?
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/0.9.0944.26/WinSSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.tricksteronline.com/control/KALogoutComponent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: Domain = stanford.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: NameServer = 171.64.7.55,171.64.7.77,171.64.7.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: pmnno - C:\WINDOWS\system32\pmnno.dll (file missing)
O20 - Winlogon Notify: vtutuvu - vtutuvu.dll (file missing)
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)

--
End of file - 11355 bytes
 
Hi

Please download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log in a reply to this thread.
Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.
 
Vendo Fix

VundoFix V6.5.6

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 12:04:52 PM 7/21/2007

Listing files found while scanning....

C:\windows\system32\hkvprdvn.dll
C:\WINDOWS\system32\onnmp.bak1
C:\WINDOWS\system32\onnmp.bak2
C:\WINDOWS\system32\onnmp.ini
C:\WINDOWS\system32\onnmp.ini2
C:\WINDOWS\system32\onnmp.tmp
C:\WINDOWS\system32\pmnno.dll
C:\windows\system32\qqjbqjnw.ini
C:\WINDOWS\system32\wnjqbjqq.dll

Beginning removal...

Attempting to delete C:\windows\system32\hkvprdvn.dll
C:\windows\system32\hkvprdvn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\onnmp.bak1
C:\WINDOWS\system32\onnmp.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\onnmp.bak2
C:\WINDOWS\system32\onnmp.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\onnmp.ini
C:\WINDOWS\system32\onnmp.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\onnmp.ini2
C:\WINDOWS\system32\onnmp.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\onnmp.tmp
C:\WINDOWS\system32\onnmp.tmp Has been deleted!

Attempting to delete C:\windows\system32\qqjbqjnw.ini
C:\windows\system32\qqjbqjnw.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\wnjqbjqq.dll
C:\WINDOWS\system32\wnjqbjqq.dll Has been deleted!

Performing Repairs to the registry.
Done!
 
HijackThis Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:19 PM, on 7/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\DOCUME~1\HAROON~1\LOCALS~1\Temp\{C617E2FF-2CE8-41C9-B45F-99E3F8048474}\Blaero Start Orb.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Mozilla Firefox 2 Beta 2\firefox.exe
C:\Documents and Settings\Haroon Khalid\Desktop\scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://asia.search.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3F4F125D-F31E-4D37-AC35-E50128670469} - C:\WINDOWS\system32\vtutuvu.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8D9E7E74-B2EC-465B-A5BB-DE472031D3FA} - C:\WINDOWS\system32\pmnno.dll (file missing)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [VisualTooltip] "C:\Program Files\VisualTooltip\VisualToolTip.exe"
O4 - HKLM\..\Run: [Blaero Start Orb] "C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe"
O4 - HKLM\..\Run: [Styler] "C:\Program Files\Styler\Styler.exe"
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: STK016 PNP Monitor.lnk = ?
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/0.9.0944.26/WinSSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.tricksteronline.com/control/KALogoutComponent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: Domain = stanford.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: NameServer = 171.64.7.55,171.64.7.77,171.64.7.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: pmnno - C:\WINDOWS\system32\pmnno.dll (file missing)
O20 - Winlogon Notify: vtutuvu - vtutuvu.dll (file missing)
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)

--
End of file - 11223 bytes
 
Hi

Open HijackThis, click do a system scan only and checkmark these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {3F4F125D-F31E-4D37-AC35-E50128670469} - C:\WINDOWS\system32\vtutuvu.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8D9E7E74-B2EC-465B-A5BB-DE472031D3FA} - C:\WINDOWS\system32\pmnno.dll (file missing)
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O20 - Winlogon Notify: pmnno - C:\WINDOWS\system32\pmnno.dll (file missing)
O20 - Winlogon Notify: vtutuvu - vtutuvu.dll (file missing)

Close all windows including browser and press fix checked.

Reboot.

1. Download combofix from one of these links:
Link1
Link2
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Post:

- a fresh HijackThis log
- combofix report
 
Combo Fix

"Haroon Khalid" - 2007-07-21 12:41:26 - ComboFix 07-07-14.6 - Service Pack 2 NTFS


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\HAROON~1\APPLIC~1.\addon.dat
C:\WINDOWS\msresearch1.dat


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\nm


((((((((((((((((((((((((( Files Created from 2007-06-21 to 2007-07-21 )))))))))))))))))))))))))))))))


2007-07-21 12:41 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-21 12:04 <DIR> d-------- C:\VundoFix Backups
2007-07-19 17:57 22,080 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sshrmd.sys
2007-07-19 17:57 21,056 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sskbfd.sys
2007-07-19 17:57 20,544 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SSFS0509.sys
2007-07-19 17:57 144,448 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ssidrv.sys
2007-07-19 17:56 <DIR> d-------- C:\DOCUME~1\HAROON~1\APPLIC~1\Webroot
2007-07-19 17:56 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot
2007-07-18 19:41 9,216 --a------ C:\WINDOWS\SYSTEM32\avgwlntf.dll
2007-07-18 18:57 110,592 --a------ C:\WINDOWS\SYSTEM32\avgfwafu.dll
2007-07-18 18:20 3,968 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgArCln.sys
2007-07-18 17:43 <DIR> d-------- C:\Program Files\Trend Micro
2007-07-17 19:19 <DIR> d-------- C:\Program Files\Lavasoft
2007-07-13 21:46 6 --a------ C:\tw0001.dat
2007-07-13 19:08 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-07-12 20:50 <DIR> d-------- C:\Program Files\iPod
2007-07-12 20:49 <DIR> d-------- C:\Program Files\iTunes
2007-07-12 19:39 <DIR> d-------- C:\Program Files\Error Repair Professional
2007-07-12 18:51 <DIR> d-------- C:\Program Files\MSN Messenger
2007-06-29 14:55 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-06-29 14:55 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-06-26 18:01 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
2007-06-26 11:34 <DIR> d-------- C:\Program Files\Windows Updates Downloader


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-20 03:05:38 -------- d-----w C:\DOCUME~1\HAROON~1\APPLIC~1\uTorrent
2007-07-20 01:35:02 -------- d-----w C:\Program Files\Mozilla Firefox 2 Beta 2
2007-07-19 22:37:07 -------- d-----w C:\Program Files\STK016_V2.01
2007-07-18 02:47:59 -------- d-----w C:\Program Files\7-Zip
2007-07-13 23:10:55 -------- d-----w C:\DOCUME~1\HAROON~1\APPLIC~1\Skype
2007-07-13 23:08:36 -------- d-----w C:\Program Files\Skype
2007-07-13 03:21:06 -------- d-----w C:\Program Files\World of Warcraft
2007-07-13 00:48:04 -------- d-----w C:\Program Files\QuickTime
2007-07-13 00:44:39 -------- d-----w C:\Program Files\Apple Software Update
2007-07-13 00:37:54 -------- d-----w C:\Program Files\RipCast 1.9
2007-07-13 00:36:49 -------- d-----w C:\Program Files\LimeWire
2007-07-13 00:35:53 -------- d-----w C:\Program Files\YPOPs
2007-07-03 01:07:07 -------- d-----w C:\Program Files\Mozilla Thunderbird
2007-06-26 21:10:26 -------- d-----w C:\Program Files\MagicISO
2007-06-26 15:39:27 10,436 -c--a-w C:\WINDOWS\mozver.dat
2007-06-18 01:01:36 -------- d-----w C:\Program Files\ATI Technologies
2007-06-18 00:28:54 2,644 ----a-w C:\WINDOWS\system32\d3d9caps.dat
2007-06-17 23:49:12 1,540 ----a-w C:\WINDOWS\system32\d3d8caps.dat
2007-06-17 23:25:40 -------- d-----w C:\DOCUME~1\HAROON~1\APPLIC~1\atitray
2007-06-17 23:12:13 -------- d-----w C:\Program Files\MultiRes
2007-06-17 23:11:01 451,072 ----a-w C:\WINDOWS\Radeon Omega Drivers v3.8.360 Uninstall.exe
2007-06-17 23:11:01 -------- d-----w C:\Program Files\Radeon Omega Drivers
2007-06-16 21:26:48 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-16 16:26:05 -------- d-----w C:\Program Files\Scions of Fate
2007-06-15 22:32:14 -------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2007-06-05 21:17:22 -------- d--h--w C:\Program Files\WindowsUpdate
2007-06-02 18:56:31 -------- d-----w C:\Program Files\Gpotato
2007-06-02 00:42:21 -------- d-----w C:\Program Files\nullDC
2007-06-01 22:33:29 -------- d-----w C:\Program Files\Free WMA to MP3 Converter
2007-06-01 22:33:15 -------- d-----w C:\Program Files\Image-Line
2007-06-01 22:32:23 -------- d-----w C:\Program Files\Cheat Engine
2007-05-31 23:30:22 266,088 ----a-w C:\WINDOWS\system32\xactengine2_8.dll
2007-05-31 23:29:42 18,280 ----a-w C:\WINDOWS\system32\x3daudio1_2.dll
2007-05-31 01:19:14 -------- d-----w C:\DOCUME~1\HAROON~1\APPLIC~1\Hamachi
2007-05-31 01:18:01 25,544 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-05-29 23:02:10 -------- d-----w C:\Program Files\AC Tool
2007-05-29 23:01:47 -------- d-----w C:\Program Files\DivX
2007-05-27 01:04:17 -------- d-----w C:\Program Files\VstPlugins
2007-05-24 00:24:10 -------- d-----w C:\Program Files\Power Tab Software
2007-05-17 21:30:48 318,976 ----a-w C:\WINDOWS\system32\avisynth.dll
2007-05-16 20:45:16 443,752 ----a-w C:\WINDOWS\system32\d3dx10_34.dll
2007-05-16 20:45:16 3,497,832 ----a-w C:\WINDOWS\system32\d3dx9_34.dll
2007-05-16 20:45:16 1,124,720 ----a-w C:\WINDOWS\system32\D3DCompiler_34.dll
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-14 19:24:30 394,240 ----a-w C:\WINDOWS\system32\Smab.dll
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-24 02:10:24 1,767 -c--a-w C:\WINDOWS\system32\sdbackup.reg
2007-01-06 03:47:31 0 -c--a-w C:\DOCUME~1\HAROON~1\APPLIC~1\TORplugin.dat
2006-02-05 22:29:15 184,680 -c--a-w C:\DOCUME~1\HAROON~1\APPLIC~1\shb.dat
2002-01-18 11:52:12 3,932 -c----w C:\DOCUME~1\HAROON~1\APPLIC~1\LMLayout.dat
2005-05-13 22:12:00 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-07-14 17:31:20 27,648 -csha-r C:\WINDOWS\SYSTEM32\AVSredirect.dll
2005-06-26 20:32:28 616,448 -csha-r C:\WINDOWS\SYSTEM32\cygwin1.dll
2005-06-22 03:37:42 45,568 -csha-r C:\WINDOWS\SYSTEM32\cygz.dll
2006-05-03 09:06:54 163,328 --sh--r C:\WINDOWS\SYSTEM32\flvDX.dll
2004-01-25 05:00:00 70,656 -csha-r C:\WINDOWS\SYSTEM32\i420vfw.dll
2007-02-21 10:47:16 31,232 --sh--r C:\WINDOWS\SYSTEM32\msfDX.dll
2006-10-12 03:09:39 94,208 -csha-w C:\WINDOWS\SYSTEM32\SalaatTime.dll
2005-02-28 18:16:22 240,128 -csha-r C:\WINDOWS\SYSTEM32\x.264.exe
2004-01-25 05:00:00 70,656 --sha-r C:\WINDOWS\SYSTEM32\yv12vfw.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 01:04 853672 --a------ C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
2006-10-27 00:48 2210608 --a------ C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-07-12 04:00 501136 --a------ C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-03-05 14:17]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"AtiPTA"="atiptaxx.exe" [2006-02-21 20:05 C:\WINDOWS\SYSTEM32\atiptaxx.exe]
"VisualTooltip"="C:\Program Files\VisualTooltip\VisualToolTip.exe" [2006-10-06 10:21]
"Blaero Start Orb"="C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe" [2006-07-30 20:32]
"Styler"="C:\Program Files\Styler\Styler.exe" [2006-05-03 11:48]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-07-18 19:41]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 16:41]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=1 (0x1)
"AllowUnhashedWebView"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL" [2006-10-27 00:48]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll --a------ 2007-07-18 19:41 9216 C:\WINDOWS\SYSTEM32\avgwlntf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll --a------ 2007-06-04 20:26 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1e0d732-865f-11db-a1ee-000bdb81b02e}]
AutoRun\command- D:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dbf37642-7f37-11db-a1d9-000bdb81b02e}]
AutoRun\command- G:\SETUP.EXE


HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F52A6CEE-DBD6-3EC2-6A74-D6E92795C440}
C:\WINDOWS\system32/m01ti2\server.exe s

Contents of the 'Scheduled Tasks' folder
2007-07-19 03:26:15 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-07-21 01:00:05 C:\WINDOWS\tasks\Disk Cleanup.job
2007-07-21 00:00:02 C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (DCN07L31-Haroon Khalid).job
2007-07-21 16:51:23 C:\WINDOWS\tasks\Windows Media Player.job
2005-11-05 18:57:28 C:\WINDOWS\tasks\XoftSpy.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-21 12:52:02
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-21 12:57:46 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-21 12:56

--- E O F ---
 
HijackThis Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:03:12 PM, on 7/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\DOCUME~1\HAROON~1\LOCALS~1\Temp\{2ECE5A29-D3C5-4F89-AB02-725C9972C841}\Blaero Start Orb.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Mozilla Firefox 2 Beta 2\firefox.exe
C:\Documents and Settings\Haroon Khalid\Desktop\scanner.exe.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://asia.search.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [VisualTooltip] "C:\Program Files\VisualTooltip\VisualToolTip.exe"
O4 - HKLM\..\Run: [Blaero Start Orb] "C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe"
O4 - HKLM\..\Run: [Styler] "C:\Program Files\Styler\Styler.exe"
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: STK016 PNP Monitor.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/0.9.0944.26/WinSSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.tricksteronline.com/control/KALogoutComponent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: Domain = stanford.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFC6F36-7379-4CF8-BB51-291C727D4D8E}: NameServer = 171.64.7.55,171.64.7.77,171.64.7.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)

--
End of file - 10144 bytes
 
Hi

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Please click this link-->Jotti

When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.

C:\WINDOWS\system32\m01ti2\server.exe

Please post back the results of the scan in your next post.

If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/flash/index_en.html
 
I've tried the steps to show all hidden files and browsed for server.exe but the only thing that appears in m01ti2 folder is klog
 
Hi

Then just copy/paste file path with filename to jotti/virustotal and click submit.
 
Hi

Ok.

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then start to download the latest definition files.
  • Once the scanner is installed and the definitions downloaded, click Next.
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:

    o Scan using the following Anti-Virus database:

    + Extended (If available otherwise Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases
  • Click OK
  • Now under select a target to scan select My Computer
  • The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

Post:

- a fresh HijackThis log
- kaspersky report
 
Kaspersky Online Scanner Report

KASPERSKY ONLINE SCANNER REPORT
Monday, July 23, 2007 10:05:10 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 24/07/2007
Kaspersky Anti-Virus database records: 366931
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 132436
Number of viruses found 19
Number of infected objects 306
Number of suspicious objects 2
Duration of the scan process 04:00:25

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\AvgFwLog.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\AvgFwLog.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Documents\DESKTOP.INI Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\AlbumArtSmall.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\AlbumArt_{79D3A434-2D93-4194-AD18-F79744B5CF43}_Large.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\AlbumArt_{79D3A434-2D93-4194-AD18-F79744B5CF43}_Small.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Folder.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\My Playlists\New Playlist.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\My Playlists\Send To Playlist.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\My Playlists\Sonic Favorites.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\My Playlists\Um...wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArtSmall.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArt_{08115859-E625-4BCD-83A8-57E01873B42F}_Large.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArt_{08115859-E625-4BCD-83A8-57E01873B42F}_Small.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Large.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Small.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Beethoven's Symphony No. 9 (Scherzo).wma Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\DESKTOP.INI Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Folder.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\New Stories (Highway Blues).wma Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Thumbs.db Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- 4 and 5 star rated.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- Have not heard recently.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- Listen to late at night.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- Listen to on Weekdays.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- Listen to on Weekends.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- One Audio CD worth.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Favorites -- One Data CD-R worth.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Fresh tracks -- yet to be played.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Fresh tracks -- yet to be rated.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Fresh tracks.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\High bitrate media in my library.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Low bitrate media in my library.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Music tracks I dislike.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Music tracks I have not rated.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\06062EE3\Music tracks with content protection.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\01_Music_auto_rated_at_5_stars.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\02_Music_added_in_the_last_month.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\03_Music_rated_at_4_or_5_stars.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\04_Music_played_in_the_last_month.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\05_Pictures_taken_in_the_last_month.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\06_Pictures_rated_4_or_5_stars.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\07_TV_recorded_in_the_last_week.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\08_Video_rated_at_4_or_5_stars.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\09_Music_played_the_most.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\10_All_Music.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\11_All_Pictures.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\0081BE7A\12_All_Video.wpl Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Blue hills.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\DESKTOP.INI Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Sunset.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Water lilies.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Winter.jpg Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\America Online 8.0.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Dell Jukebox by musicmatch.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Desktop.ini Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\E-mail.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Launch Internet Explorer Browser.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\playo Quick Help.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Shortcut (2) to Show Desktop.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Shortcut to Show Desktop.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\My Videos\Windows Media Player.lnk Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\cert8.db Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\flashgot.log Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\history.dat Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\key3.db Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\parent.lock Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Mozilla\Firefox\Profiles\qh7difcx.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 06:37:02 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 01:23:38 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 13:30:44 - ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 19:19:08 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 00:24:29 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 04:15:13 + ... /UNNAMED Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdonald ][Date Sat, 20 Jan 2007 09:03:42 + ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdo ... /[From Louie ][Date Fri, 19 Jan 2007 13:05:23 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdo ... /[From Louie ][Date Fri, 19 Jan 2007 13:05:23 +020 ... /text Infected: Trojan-Downloader.Win32.Small.dam skipped
 
Kaspersky Con't

C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdo ... /[From Louie ][Date Fri, 19 Jan 2007 13:05:23 +020 ... /text Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdo ... /[From Louie ][Date Fri, 19 Jan 2007 13:05:23 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdonald ][Date Sat, 20 Jan 2007 09:03:42 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdonald ][Date Sat, 20 Jan 2007 09:03:42 +090 ... /html Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From Kate Mcdonald ][Date Sat, 20 Jan 2007 09:03:42 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... / ... ... /[From recount ][Date Sat, 13 Jan 2007 13:37:16 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... / ... /[From "Calv ... /[From "Harvey" ][Date Wed, 1 Jan 2003 02:19:17 +0200]/text Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... / ... /[From "Calvin Patterson" ][Date Thu, 01 Jan 2004 00:49:26 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fr ... /[From "Claude Hendrickson" ][Date Fri, 30 Jan 2004 18:58:44 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... /[From Lizzie Mobley ][Date Mon, 1 Jan 2007 20:23:01 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... /[From Lizzie Mobley ][Date Mon, 1 Jan 2007 20:23:01 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... /[From "David Graham" ][Date Tue, 02 Jan 2007 10:43:25 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " ... /[From "Rodney Diaz" ][Date Tue, 02 Jan 2007 10:15:35 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Travis Hunter" ][Date Tue, 02 Jan 2007 11:58:74 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... ... ... /[From "Marvin" ][Date Tue, 02 Jan 2007 15:26:59 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... ... /[From frosted ][Date Tue, 2 Jan 2007 12:50:45 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... / .. ... /[From "Jeffery Howard" ][Date Tue, 02 Jan 2007 05:14:10 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... / ... /[From Merrill Patty ][Date Tue, 2 Jan 2007 14:31:21 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... /[From "S ... /[From "Randall" ][Date Tue, 02 Jan 2007 19:22:49 -0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[ ... /[From "Samuel Perry" ][Date Wed, 03 Jan 2007 13:29:41 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... ... /[From "Maryellen Mills" ][Date Wed, 03 Jan 2007 08:56:37 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Howard L. Tibbie" ][Date Wed, 3 Jan 2007 09:15:52 +0000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... ... /[From "Jeff" ][Date Wed, 03 Jan 2007 15:30:54 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[Fro . ... /[From "Alexander" ][Date Wed, 03 Jan 2007 15:24:49 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[Fro ... /[From Armstrong ][Date Wed, 3 Jan 2007 18:42:15 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[Fro ... /[From "Jim Brooks" ][Date Wed, 03 Jan 2007 11:58:18 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[From "J ... /[From Adrian Kuhn ][Date Wed, 3 Jan 2007 20:45:21 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[From "James Rivera" ][Date Wed, 03 Jan 2007 22:41:37 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... ... /[ ... /[Fr ... /[From "Fifth Third Bank" ]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... ... /[ ... /[From "Scott" ][Date Thu, 04 Jan 2007 16:13:58 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... ... /[From "Lilian Bryant" ][Date Thu, 4 Jan 2007 22:05:18 +0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... /[Fr ... /[From "Jose" ][Date Thu, 04 Jan 2007 17:28:32 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[ ... /[From Delacruz K. Emily ][Date Thu, 4 Jan 2007 11:51:21 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[Fr ... /[From "Randall Ellis" ][Date Fri, 05 Jan 2007 00:59:41 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[From Hannah R. Glover ][Date Thu, 4 Jan 2007 22:00:18 +0000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
 
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fro ... /[From "Clifton Goodwin" ][Date Thu, 04 Jan 2007 14:18:00 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " ... /[From "Leroy Simmons" ][Date Fri, 05 Jan 2007 03:57:56 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... ... /[From "judge" ][Date Fri, 5 Jan 2007 12:20:28 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... ... /[From "Pineda Isidore" ][Date Fri, 5 Jan 2007 18:08:34 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " .. ... /[From "Cathryn" ][Date Fri, 05 Jan 2007 10:52:53 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From " ... /[From "Oscar Campbell" ][Date Fri, 05 Jan 2007 16:39:43 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... ... /[From "Basil R. Hollis" ][Date Fri, 5 Jan 2007 04:20:42 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... ... /[From "Qasim Wieder" ][Date Fri, 5 Jan 2007 13:48:02 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... ... /[From Christy Bryant ][Date Fri, 5 Jan 2007 19:17:50 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... ... /[From Christy Bryant ][Date Fri, 5 Jan 2007 19:17:50 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... /[ ... /[From "Kitty U. Boggs" ][Date Sat, 6 Jan 2007 00:06:16 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La . ... /[From "Bab F. Christian" ][Date Sat, 6 Jan 2007 11:37:44 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La ... ... /[From Wolfe ][Date Sat, 6 Jan 2007 15:53:34 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "La ... /[From "Leonard Watson" ][Date Sat, 06 Jan 2007 11:05:46 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Lakeshia Walker" ... /[From "Bella" ][Date Sat, 6 Jan 2007 05:38:31 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Lakeshia Walker" ][Date Sat, 06 Jan 2007 13:07:30 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . .. ... /[From "Fred Edwards" ][Date Sat, 06 Jan 2007 12:21:68 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . ... /[ .. ... /[From "Sharp Emmanuel" ][Date Sat, 6 Jan 2007 18:51:18 +0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . ... /[ ... ... /[From "Elissa" ][Date Sat, 06 Jan 2007 16:27:46 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . ... /[ ... /[From Francisca Yates ][Date Sat, 6 Jan 2007 13:06:59 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / . ... /[From Bernice Stokes ][Date Sun, 7 Jan 2007 03:11:47 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... ... /[From ... /[From hamlet ][Date Sat, 6 Jan 2007 19:39:25 - ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... ... /[From ... /[From hamlet ][Date Sat, 6 Jan 2007 19:39:25 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... ... /[From "Lee Crawford" ][Date Sat, 06 Jan 2007 23:22:71 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[F ... /[From "Tamatha Henry" ][Date Sun, 07 Jan 2007 07:37:47 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[F ... /[Fro ... /[From "Travis Hayes" ][Date Sun, 07 Jan 2007 14:34:23 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[F ... /[From "Francesca Strickland" ][Date Sun, 7 Jan 2007 11:29:16 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[From "Fleming ... /[From Ned ][Date Sun, 7 Jan 2007 03:07:06 - ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[From "Fleming ... /[From Ned ][Date Sun, 7 Jan 2007 03:07:06 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... / ... /[From "Fleming Q. Dickie" ][Date Sun, 7 Jan 2007 13:43:37 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. . ... /[From "Harriet Stallings" ][Date Sun, 7 Jan 2007 19:56:06 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ .. ... /[From "Walter Collins" ][Date Sun, 07 Jan 2007 12:10:37 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... .. ... /[From "Penny" ][Date Sun, 7 Jan 2007 22:00:33 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... .. ... ... /[From "Thomas" ][Date Mon, 08 Jan 2007 13:45:43 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
 
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... .. ... /[From Micky H. Gay ][Date Mon, 8 Jan 2007 16:16:40 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... ... /[From "Steven Woods" ][Date Mon, 08 Jan 2007 21:13:11 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... ... /[From Randi Doyle ][Date Mon, 8 Jan 2007 08:57:00 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... / ... /[ ... /[From Rory Lay ][Date Mon, 8 Jan 2007 15:57:51 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... / ... /[From Julius Irving ][Date Mon, 8 Jan 2007 12:04:03 -0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... /[F ... /[F ... /[From "Jem" ][Date Mon, 8 Jan 2007 16:58:13 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... /[F ... /[From "Atiya Hutchcraft" ][Date Mon, 8 Jan 2007 15:44:33 -0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... /[From "Me ... /[From Witt Martha ][Date Mon, 8 Jan 2007 21:16:32 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... ... /[From "Meggy F. Collier" ][Date Mon, 8 Jan 2007 22:00:56 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From "Eugene" ][Date Wed, 10 Jan 2007 01:13:65 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[From "Rozella Morgan" ][Date Tue, 09 Jan 2007 07:44:00 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... / ... /[From "Kandi Rogers" ][Date Tue, 09 Jan 2007 15:32:25 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[F ... /[From "Christopher Ortiz" ][Date Tue, 09 Jan 2007 19:31:28 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[From Sharon Obrien ][Date Tue, 9 Jan 2007 13:35:07 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[From ... /[From Foster Rodrigues ][Date Tue, 9 Jan 2007 20:35:44 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[From "Karren Miller" ][Date Tue, 09 Jan 2007 22:41:04 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . . ... ... /[From "Hannah D. Frederick" ][Date Tue, 9 Jan 2007 19:02:18 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . . ... /[From "Leon" ][Date Wed, 10 Jan 2007 03:13:47 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ . ... /[From "Connor L. Ike" ][Date Wed, 10 Jan 2007 10:07:20 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / . ... /[From "gamengame" ][Date Wed, 10 Jan 2007 16:06:18 +0900 (KST)]/html Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From "Tony Reed" ][Date Wed, 10 Jan 2007 09:18:21 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[Fro ... /[From "Carl" ][Date Wed, 10 Jan 2007 02:25:27 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From "Francis Peterson" ][Date Wed, 10 Jan 2007 03:18:12 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / . ... ... /[From Cyrus E. Nix ][Date Wed, 10 Jan 2007 20:49:26 + ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / . ... ... /[From Cyrus E. Nix ][Date Wed, 10 Jan 2007 20:49:26 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / . ... /[From "Stevens" ][Date Wed, 10 Jan 2007 21:28:59 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... / ... /[From "Shelley CRABTREE" ][Date Wed, 10 Jan 2007 18:08:32 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[Fro ... /[From "Charissa" ][Date Thu, 11 Jan 2007 06:36:03 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From "Craig Brown" ][Date Wed, 10 Jan 2007 22:03:15 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / .. ... /[ ... /[From doorway ][Date Thu, 11 Jan 2007 09:23:15 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / .. ... /[Fro ... /[From "Thu" ][Date Thu, 11 Jan 2007 10:47:46 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / .. ... /[From "Adam Martinez" ][Date Thu, 11 Jan 2007 15:25:27 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... / ... /[From Frost G. Valentine ][Date Thu, 11 Jan 2007 14:37:12 +0000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[From "J ... /[From "Lawrence" ][Date Thu, 11 Jan 2007 22:02:46 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
 
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[ ... /[From "Jackie Fuller" ][Date Thu, 11 Jan 2007 12:41:28 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fro . ... /[From "Rodney Adams" ][Date Thu, 11 Jan 2007 22:01:56 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[Fro ... /[From "Trina Krueger" ][Date Fri, 12 Jan 2007 19:56:09 +0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N .. ... /[From "Christopher Martinez" ][Date Fri, 12 Jan 2007 21:05:23 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[Fro ... /[From "Russell Cox" ][Date Sat, 13 Jan 2007 01:08:21 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates < ... /[From "Kevin Gibson" ][Date Fri, 12 Jan 2007 16:41:64 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates ][Date Sun, 31 Dec 2006 17:32:57 - ... /UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates ][Date Sun, 31 Dec 2006 17:32:57 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "N ... /[From Classmates ][Date Fri, 5 Jan 2007 13:43:28 -0800 (PST)]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "New MySpace Comment" <03|i|0eem8e8a|h.2ln ... /[From accounts@wowscape.net][Date Sat, 06 Jan 2007 22:07:56 -0500]/text Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "New MySpace Comment" <03|i|0eem8e8a|h.2lnxag|_|o2.jjsxjt@message.myspac ... /[From - Fri Jan 12 22:51:02 2007]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron ... /[From "New MySpace Comment" <03|i|0eem8e8a|h.2lnxag|_|o2.jjsxjt@message.myspace.com>][Date 8 Jan 2007 14:34:11 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Th ... /[From "New MySpace Message" <03|p|mgm99i8g|h.2lnxag|_|o2.jjsxjt@message.myspace.com>][Date 10 Jan 2007 23:12:36 -0800]/text Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 26 Dec 2006 11:54:35 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 26 Dec 2006 15:04:36 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 26 Dec 2006 07:08:00 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Tue, 26 Dec 2006 11:49:04 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 15:43:21 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 13:00:24 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 19:47:21 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 17:08:36 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 19:25:31 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 08:44:17 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 28 Dec 2003 01:49:62 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 02:57:51 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 19:01:57 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Wed, 27 Dec 2006 21:54:56 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 01:28:16 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 10:59:08 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 15:44:00 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 18:32:45 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 09:02:04 -0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 18:03:22 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 28 Dec 2006 18:50:55 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 08:15:57 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
 
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 10:28:09 +1000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 04:15:13 +0300]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 08:18:40 +0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 10:41:33 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 14:40:12 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 17:12:47 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 14:19:31 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 05:57:09 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 07:15:60 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 09:54:57 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Fri, 29 Dec 2006 19:38:36 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 02:55:06 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Thu, 29 Jan 2004 22:39:62 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 04:57:29 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 15:11:50 +0800]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 16:19:43 +0530]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 14:34:10 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 09:15:54 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 00:24:29 +0900]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 19:19:08 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sat, 30 Dec 2006 13:30:44 -0500]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 00:56:41 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 01:23:38 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 12:08:11 +0700]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 06:36:52 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 06:37:02 +0000]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 10:52:19 +0100]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 21:03:53 +0200]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 31 Dec 2006 13:39:54 -0600]/UNNAMED Infected: Trojan-Downloader.Win32.Small.dam skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 00:07:14 - ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.a skipped
C:\Documents and Settings\Haroon Khalid\Application Data\Thunderbird\Profiles\5m07ayn3.default\Mail\Localhost\Inbox/[From Magdalena Rosen ][Date Fri, 8 Dec 2006 11:36:23 +0300]/UNNAMED/[From SEGA of America ][Date Thurs, 07 Dec 2006 17:00:02 -0800]/UNNAMED/[From DZFAN220@aol.com][Date Sun, 11 Dec 2005 19:36:54 EST]/UNNAMED/[From "Tony Torres" ][Date Mon, 11 Dec 2006 14:29:40 -0500]/UNNAMED/[From "Aaron Thomas" ][Date Sun, 21 Jan 2007 01:00:37 - ... /UNNAMED Infected: Email-Worm.Win32.Zhelatin.a skipped
 
You must log in or register to reply here.
Back
Top