Status: Deleted (events: 2) 12/21/2011 22:19:58 Deleted virus HEUR:Trojan.Win32.Generic C:\_OTL\MovedFiles\12202011_230819\c_windows\oyuveruqapiweson.dll High 12/21/2011 23:15:41 Deleted virus HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP3\A0000109.dll High Status: Disinfected (events: 44) 12/21/2011 22:30:56 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:CitiBusiness Reminder: Please Update Your Details! -Thu, 14 Feb 2008 20:37:00 -0600][Time:2008/02/14 21:37:03]/HTMLBody High 12/21/2011 22:32:05 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Citibank][Subject:automatic notification!][Time:2008/02/22 11:44:56]/HTMLBody High 12/21/2011 22:32:09 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:Important notification.][Time:2008/02/24 09:30:20]/HTMLBody High 12/21/2011 22:32:18 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:CitiBusiness: Online Banking Notification! ][Time:2008/02/27 01:39:52]/HTMLBody High 12/21/2011 22:32:18 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Citibank][Subject:CitiBusiness Customer Service: Official Information. (Wed, 27 Feb 2008 04:08:08 -0600)][Time:2008/02/27 05:08:11]/HTMLBody High 12/21/2011 22:32:25 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Citi][Subject:Our Enhanced Online Security Measures (Fri, 29 Feb 2008 02:25:42 -0600)][Time:2008/02/29 03:25:55]/HTMLBody High 12/21/2011 22:32:29 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:Automatic Account Reminder. -Sat, 01 Mar 2008 03:54:48 -0600][Time:2008/03/01 04:54:51]/HTMLBody High 12/21/2011 22:32:38 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:CitiBusiness: Online Banking Account Confirmation! [Tue, 04 Mar 2008 14:41:57 -0500]][Time:2008/03/04 14:41:51]/HTMLBody High 12/21/2011 22:32:45 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:urgent message from CitiBusiness! ][Time:2008/03/06 03:32:32]/HTMLBody High 12/21/2011 22:32:49 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:CitiBusiness: our enhanced online security measures! [message ref: ZP873000726983UH]][Time:2008/03/07 04:41:13]/HTMLBody High 12/21/2011 22:32:54 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:Important notice from CitiBusiness -Sat, 08 Mar 2008 09:06:21 -0600][Time:2008/03/08 10:06:24]/HTMLBody High 12/21/2011 22:33:03 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:Information from CitiBusiness customer service!][Time:2008/03/10 20:33:09]/HTMLBody High 12/21/2011 22:33:17 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:CitiBusiness][Subject:CitiBusiness customer service: security maintenance ][Time:2008/03/16 01:06:30]/HTMLBody High 12/21/2011 22:33:26 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Bank of America][Subject:Important: digital certificate issued [message ref: y589490091044h]][Time:2008/03/18 06:35:06]/HTMLBody High 12/21/2011 22:33:31 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Bank of America][Subject:important instructions: new digital certificate issued][Time:2008/03/19 03:49:54]/HTMLBody High 12/21/2011 22:33:46 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:HSBC Bank][Subject:HSBC bank: urgent message [Fri, 21 Mar 2008 22:30:34 -0600]][Time:2008/03/21 23:24:34]/HTMLBody High 12/21/2011 22:33:47 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Bank of America][Subject:Important reminder: digital certificate issued][Time:2008/03/22 03:29:08]/HTMLBody High 12/21/2011 22:34:06 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:HSBC Bank][Subject:HSBC bank Customer Service: Notification!][Time:2008/03/27 20:43:45]/HTMLBody High 12/21/2011 22:34:42 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:HSBC][Subject:Confirm your online account access -Mon, 07 Apr 2008 17:41:24 -0600][Time:2008/04/07 17:41:28]/HTMLBody High 12/21/2011 22:35:04 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Bank of America][Subject:Important instructions: digital certificate issued][Time:2008/04/14 10:41:36]/HTMLBody High 12/21/2011 22:35:13 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Bank of America][Subject:important instructions: digital certificate issued][Time:2008/04/16 14:22:01]/HTMLBody High 12/21/2011 22:35:20 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Bank of America][Subject:Important: Digital Certificate Issued >][Time:2008/04/18 06:43:32]/HTMLBody High 12/21/2011 22:35:29 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Bank of America][Subject:Important: Digital Certificate Issued [Mon, 21 Apr 2008 00:09:02 -0500]][Time:2008/04/20 23:09:10]/HTMLBody High 12/21/2011 22:44:38 Disinfected Trojan program Trojan-Spy.HTML.Paylap.sx Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:service@intl.paypal.com][Subject:Unauthorized Access to your account.][Time:2008/04/22 06:04:08]/HTMLBody High 12/21/2011 22:44:40 Disinfected Trojan program Trojan-Spy.HTML.Paylap.sx Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:service@intl.paypal.com][Subject:Unauthorized Access to your account.][Time:2008/04/22 07:56:03]/HTMLBody High 12/21/2011 22:45:01 Disinfected Trojan program Trojan-Spy.HTML.Paylap.sx Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:service@intl.paypal.com][Subject:Unauthorized Access to your account.][Time:2008/04/23 04:20:38]/HTMLBody High 12/21/2011 22:45:50 Disinfected Trojan program Trojan-Spy.HTML.Paylap.sx Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:service@intl.paypal.com][Subject:Unauthorized Access to your account.][Time:2008/04/26 15:24:49]/HTMLBody High 12/21/2011 22:46:43 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Chase][Subject:Chase Bank: urgent security notification for clients][Time:2008/05/11 11:48:52]/HTMLBody High 12/21/2011 22:46:56 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Chase bank][Subject:Chase Bank: Please Confirm Your Data. -Wed, 14 May 2008 09:52:06 -0800][Time:2008/05/14 11:52:05]/HTMLBody High 12/21/2011 22:47:14 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Chase][Subject:important information from customer service][Time:2008/05/22 07:33:31]/HTMLBody High 12/21/2011 22:47:57 Disinfected Trojan program Trojan-Spy.HTML.Bankfraud.uq Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Sun Trust Support Center][Subject:Sun Trust Banks Update][Time:2008/06/12 06:30:34]/HTMLBody High 12/21/2011 22:47:58 Disinfected Trojan program Trojan-Spy.HTML.Bankfraud.ur Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Sun Trust Update Service][Subject:Sun Trust Banks Customer Warning][Time:2008/06/12 11:36:02]/HTMLBody High 12/21/2011 22:48:54 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:NatWest Bank][Subject:automatic notification. [message id: MA61322075774950]][Time:2008/06/30 03:13:46]/HTMLBody High 12/21/2011 22:49:01 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Chase Online][Subject:Important Message! [message ref: 02940995173]][Time:2008/07/02 00:33:29]/HTMLBody High 12/21/2011 22:49:02 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:abuse@intl.paypal.com][Subject:PayPal Security Measures][Time:2008/07/02 06:33:25]/HTMLBody High 12/21/2011 22:49:15 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Chase Online][Subject:Chase Bank Customer Service: Important Banking Mail! [Mon, 07 Jul 2008 21:25:27 -0600]][Time:2008/07/07 21:25:31]/HTMLBody High 12/21/2011 22:50:15 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Bank of America Inc.][Subject:Bank of America Please Update Your Records!][Time:2008/08/01 23:17:12]/HTMLBody High 12/21/2011 22:50:40 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Wells Fargo Group][Subject:Wells Fargo - Records Verification][Time:2008/08/09 19:47:18]/HTMLBody High 12/21/2011 22:51:37 Disinfected Trojan program Trojan-Spy.HTML.Fraud.dg Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Davidde Gearardo][Subject:Hi][Time:2008/09/14 04:29:09]/HTMLBody High 12/21/2011 22:52:10 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Fulton Bank CashLink][Subject:Fulton Bank CashLink Urgent Security E-mail - ref: 575][Time:2008/09/23 05:44:22]/HTMLBody High 12/21/2011 22:52:27 Disinfected virus HEUR:Trojan.Win32.Generic Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:ICS Monitoring Team][Subject:Your internet access is going to get suspended][Time:2008/09/27 03:58:13]/user-EA49943X-activities.zip High 12/21/2011 22:52:26 Disinfected virus HEUR:Trojan.Win32.Generic Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:ICS Monitoring Team][Subject:Your internet access is going to get suspended][Time:2008/09/27 03:58:13]/user-EA49943X-activities.zip/user-EA49943X-activities.exe High 12/21/2011 22:52:26 Disinfected virus HEUR:Trojan.Win32.Generic Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:ICS Monitoring Team][Subject:Your internet access is going to get suspended][Time:2008/09/27 03:58:13]/user-EA49943X-activities.zip/user-EA49943X-activities.exe//UPX High 12/21/2011 22:57:53 Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Personal Folders\Top of Personal Folders\Junk E-mail\[From:Chase][Subject:Chase Bank: important banking mail ][Time:2009/08/12 01:34:45]/HTMLBody High