help my yahoo address is sending spam

cranky bollix

Ive just recieved a load of messages from my contacts, from everybody from lecture's' to work collegaues, going back years, and there all telling me that my email is sending vaigra spam.

these messages arent turning up in my sent mail

can someone please help me to stop this or do i have to kill my account

i have changed my password, and ran malwarebytes, where 3 virus' were found and deleted

i was referred ti virus and malware from http://www.boards.ie/vbulletin/showthread.php?p=69573168#post69573168



all help is vwry much appreciated

the files that were to be attached as per instructions are
dds is:

DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by nialls at 14:59:47.93 on 15/12/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2811.1519 [GMT 0:00]

AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\nialls\Desktop\dds.com
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.ask.com?o=15470&l=dis
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: EndNote Web: {82d2e569-25a7-4e4d-9fa3-c5025b4b7912} - C:\Program Files (x86)\EndNote Web\ENWIEPlug.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: EndNote Web: {945c8270-a848-11d5-a805-00b0d092f45b} - C:\Program Files (x86)\EndNote Web\ENWIEPlug.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Corel File Shell Monitor] c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
mRun: [Standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
StartupFolder: C:\Users\nialls\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
DPF: {00110000-B1BA-11CE-ABC6-F5B2E79D9E3F} - hxxp://gis.galwaycity.ie/WebDocsViewer/activeX/ltocx11n.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1287249906847
DPF: {62789780-B744-11D0-986B-00609731A21D} - hxxp://gis.galwaycity.ie/planenq/MapControl/Download/mgaxctrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [Apoint] %ProgramFiles%\Apoint\Apoint.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

================= FIREFOX ===================

FF - ProfilePath - C:\Users\nialls\AppData\Roaming\Mozilla\Firefox\Profiles\t6axx0ou.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/?shva=1#inbox
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\nialls\AppData\Roaming\Mozilla\Firefox\Profiles\t6axx0ou.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: EndNote Web: {322e833a-a7d4-4277-97c6-334fa1622d6a} - %profile%\extensions\{322e833a-a7d4-4277-97c6-334fa1622d6a}
FF - Ext: Torbutton: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca} - %profile%\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
FF - Ext: MultirowBookmarksToolbar: {FBF6D7FB-F305-4445-BB3D-FEF66579A033} - %profile%\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
FF - Ext: HP Detect: {ab91efd4-6975-4081-8552-1b3922ed79e2} - %profile%\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

============= SERVICES / DRIVERS ===============

R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2010-5-14 73856]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2010-5-14 28800]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-10-16 55856]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-10-18 121936]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-7 202752]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-10-18 20048]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-10-18 61008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-10-18 40384]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-10-18 257936]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-10-16 104960]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-2-19 386416]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-10-25 845312]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atipmdag.sys [2010-4-7 6402560]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-4-7 188928]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-10-16 19968]
R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-10-18 40384]
R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-10-18 40384]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-10-16 242720]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-4-8 346144]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-4-8 12032]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-10-16 38456]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-16 135664]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-11-25 362992]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-11-15 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-11-25 313840]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-10-16 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-16 422768]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-10-16 67952]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-2-8 302448]
S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-10-16 574320]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-3-18 852336]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-10-16 1223024]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-19 1255736]

=============== Created Last 30 ================

2010-12-15 14:04:35

---

d

---

w- C:\Users\nialls\AppData\Roaming\Malwarebytes
2010-12-15 14:04:32 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-15 14:04:31

---

d

---

w- C:\PROGRA~3\Malwarebytes
2010-12-15 14:04:28 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-12-15 14:04:28

---

d

---

w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-14 20:37:39

---

d

---

w- C:\Program Files (x86)\HP
2010-12-14 16:42:01 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{5DFC19F4-3098-4720-95E6-0A487EE16D60}\mpengine.dll
2010-12-13 21:28:38

---

d

---

w- C:\Program Files (x86)\iCare Data Recovery Software
2010-12-06 14:03:47 368640 ----a-w- C:\Windows\SysWow64\ReWire.dll
2010-12-06 14:03:47 233472 ----a-w- C:\Windows\SysWow64\REX Shared Library.dll
2010-12-06 14:01:52

---

d

---

w- C:\Users\nialls\AppData\Roaming\Propellerhead Software
2010-12-06 14:01:52

---

d

---

w- C:\PROGRA~3\Propellerhead Software
2010-12-06 14:00:52

---

d

---

w- C:\Program Files (x86)\Propellerhead
2010-12-06 13:58:20

---

d

---

w- C:\Program Files (x86)\Elaborate Bytes
2010-12-03 18:54:05

---

d

---

w- C:\Program Files (x86)\MixMeister BPM Analyzer
2010-11-27 19:46:58

---

d

---

w- C:\Users\nialls\AppData\Roaming\EurekaLog
2010-11-27 19:45:07

---

d

---

w- C:\Users\nialls\AppData\Roaming\Softplicity
2010-11-27 19:45:02

---

d

---

w- C:\Program Files (x86)\GISConverter
2010-11-24 14:37:36 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-11-24 14:37:36 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-11-23 18:54:38

---

d

---

w- C:\Users\nialls\AppData\Roaming\MapInfo
2010-11-23 18:54:38

---

d

---

w- C:\Users\nialls\AppData\Local\MapInfo
2010-11-23 18:53:33

---

d

---

w- C:\Program Files (x86)\Common Files\Macrovision Shared
2010-11-23 18:52:52

---

d

---

w- C:\Windows\Crystal
2010-11-23 18:52:48

---

d

---

w- C:\Program Files (x86)\Seagate Software
2010-11-23 18:52:46

---

d

---

w- C:\Program Files (x86)\MapInfo
2010-11-23 18:52:46

---

d

---

w- C:\PROGRA~3\MapInfo
2010-11-15 19:26:29

---

d

---

w- C:\Windows\en
2010-11-15 19:23:41 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2010-11-15 19:23:05 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2010-11-15 19:23:05 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2010-11-15 19:23:05 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2010-11-15 19:23:05 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2010-11-15 19:23:03 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2010-11-15 19:23:03 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2010-11-15 19:20:58 11776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
2010-11-15 19:20:46

---

d

---

w- C:\Program Files (x86)\Common Files\xing shared
2010-11-15 19:20:41 151776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
2010-11-15 19:20:38 100352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
2010-11-15 19:16:59 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ab5ccf2b1cb84f92e\InstallManager_WLE_WLE.exe
2010-11-15 19:16:33 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9d342e881cb84f923\MeshBetaRemover.exe
2010-11-15 19:16:12 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\90dea70d1cb84f91b\DSETUP.dll
2010-11-15 19:16:12 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\90dea70d1cb84f91b\DXSETUP.exe
2010-11-15 19:16:12 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\90dea70d1cb84f91b\dsetup32.dll
2010-11-15 19:16:10 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8f1419861cb84f91a\DSETUP.dll
2010-11-15 19:16:10 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8f1419861cb84f91a\DXSETUP.exe
2010-11-15 19:16:10 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8f1419861cb84f91a\dsetup32.dll
2010-11-15 19:15:48 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\81dfa0761cb84f910\Silverlight.4.0.exe
2010-11-15 19:15:13

---

d

---

w- C:\Users\nialls\AppData\Local\Windows Live
2010-11-15 19:14:40 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2010-11-15 19:14:40 206848 ----a-w- C:\Windows\System32\mfps.dll
2010-11-15 19:14:40 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2010-11-15 19:14:40 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2010-11-15 19:14:40 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2010-11-15 19:14:39 4068864 ----a-w- C:\Windows\System32\mf.dll
2010-11-15 19:14:38 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
2010-11-15 19:13:26

---

d

---

w- C:\Users\nialls\AppData\Local\Apple Computer

==================== Find3M ====================

2010-12-10 12:40:35 2828 --sha-w- C:\PROGRA~3\KGyGaAvL.sys
2010-11-15 19:20:33 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2010-10-19 10:41:44 270720

---

w- C:\Windows\System32\MpSigStub.exe
2010-10-18 19:14:09 88 --sh--r- C:\PROGRA~3\3715CC7906.sys
2010-10-16 16:30:14 455680 ----a-w- C:\Windows\System32\deploytk.dll
2010-10-16 16:13:18 0 ----a-w- C:\Windows\ativpsrm.bin
2010-09-23 00:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-09-23 00:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-09-21 14:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 14:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL

============= FINISH: 15:00:46.87 ===============

bhickey

cranky bollix wrote: »

i have changed my password, and ran malwarebytes, where 3 virus' were found and deleted=

Could you post the Malwarebytes log that has the detected virus details?

cranky bollix

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5318

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

15/12/2010 14:54:01
mbam-log-2010-12-15 (14-54-01).txt

Scan type: Full scan (C:\|)
Objects scanned: 285116
Time elapsed: 38 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\$Recycle.Bin\s-1-5-21-3496763843-589687590-3053602433-1001\$RHM19YK\mapinfo 9.0\mapinfo.professional.v9.0.build.42.winall.cracked-nope\crack\mapinfo.professional.v9.0.build.42-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files (x86)\MapInfo\professional\mapinfo.professional.v9.0.build.42-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files (x86)\native instruments\traktor dj studio 3\patch t3 with ts.exe (Trojan.Agent) -> Quarantined and deleted successfully.

discombobulate

Happened with mine too. Most likely that a virus or something took all your contacts and your email address and your address is now being spoofed to send the emails.

cranky bollix

is there anyway of stopping it

cranky bollix

bump!!

its still sending mail, ive deleted all my contacts, if its still sending them tomorrow, ill have to delete an account of nearly 10 years:(

if anyone could help it would be greatly appreciated

JDxtra

The bad virus making people already have you and your contacts details. It's likely they are spamming your contacts from another bot and faking the from address as yours. Deleting your account will achieve nothing, the spam will probably continue.

bhickey

Are you sure it's actually your own account that's doing this? Maybe at this stage there're just forged e-mails with contact details that were previously harvested from your account. Can you get hold of the full headers from someone for one of these e-mails that was sent out?

One thing spammers love is real e-mail addresses - it saves them having to make them up. An invaluable source of real e-mail addresses would be people's contacts lists.

So you could delete the account but it mightn't actually make any difference to the spam e-mails being sent to your contacts.

There are a lot of discussions on the Internet about this exact subject. Have you found anything useful among them?

cranky bollix

bhickey wrote: »

Are you sure it's actually your own account that's doing this? Maybe at this stage there're just forged e-mails with contact details that were previously harvested from your account. Can you get hold of the full headers from someone for one of these e-mails that was sent out?

One thing spammers love is real e-mail addresses - it saves them having to make them up. An invaluable source of real e-mail addresses would be people's contacts lists.

So you could delete the account but it mightn't actually make any difference to the spam e-mails being sent to your contacts.

There are a lot of discussions on the Internet about this exact subject. Have you found anything useful among them?

not really sure what you mean by full headers?

from the info i found on the net so far, it seems to be yahoo and hotmail accounts that are being hacked, with a lot of people saying that deleting your contacts does stop it, but i dont know yet, im sure ill find out soon...

dont really know what to do, i dont use the account anymore for everyday stuff, but ive got a lot of emails saved that i do not want to get rid of + theres a few subscriptions that i dont want to go through the hassle of changing

i just dont want my mails to be hassling people with spam

bhickey

cranky bollix wrote: »

not really sure what you mean by full headers?

Juts Google "yahoo show headers". I don't have a Yahoo account so I can't test it for you. What the headers will show is the full path travelled by the e-mail from source to destination. This information can be used to figure out whether or not an e-mail is genuine or not. If you're able to look at the headers of an e-mail allegedly sent from you, you can probably guess whether ot not it really was delivered via your Yahoo account.

dont really know what to do, i dont use the account anymore for everyday stuff, but ive got a lot of emails saved that i do not want to get rid of + theres a few subscriptions that i dont want to go through the hassle of changing

Don't worry about losing any e-mails. If you switch to something like a Gmail account, you'll be able to download everything from Yahoo and then upload it all to the the new gmail account.

i just dont want my mails to be hassling people with spam

Well at this stage, it might be too late and if the spammers are simply forging your details in the e-mails then it could be that nothing you do will stop the spam.

Nothingbetter2d

sadly yahoo mail gets hacked so often that the list of yahoo's email service users gets stolen far to often.

best thing u can do is close your yahoo email ac.

go use a private email service rather than using webmail for keeping in contact with friends.

avoid using hotmail, gmail, yahoo, for business related emails as they are way too unsecure.