
help my yahoo address is sending spam

  • 15-12-2010 3:05pm
    #1
    Registered Users, Registered Users 2 Posts: 583 ✭✭✭


    I've just received a load of messages from my contacts, from everybody from lecturers to work colleagues, going back years, and they're all telling me that my email is sending Viagra spam.

    These messages aren't turning up in my sent mail.

    Can someone please help me to stop this, or do I have to kill my account?

    I have changed my password and ran Malwarebytes, where 3 viruses were found and deleted.

    I was referred to Virus and Malware from http://www.boards.ie/vbulletin/showthread.php?p=69573168#post69573168

    All help is very much appreciated.

    the files that were to be attached as per instructions are
    dds is:



Comments

  • Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭bhickey


    I have changed my password and ran Malwarebytes, where 3 viruses were found and deleted.

    Could you post the Malwarebytes log that has the detected virus details?


  • Registered Users, Registered Users 2 Posts: 583 ✭✭✭cranky bollix


    Malwarebytes' Anti-Malware 1.50
    www.malwarebytes.org

    Database version: 5318

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    15/12/2010 14:54:01
    mbam-log-2010-12-15 (14-54-01).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 285116
    Time elapsed: 38 minute(s), 29 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 3

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\$Recycle.Bin\s-1-5-21-3496763843-589687590-3053602433-1001\$RHM19YK\mapinfo 9.0\mapinfo.professional.v9.0.build.42.winall.cracked-nope\crack\mapinfo.professional.v9.0.build.42-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\program files (x86)\MapInfo\professional\mapinfo.professional.v9.0.build.42-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\program files (x86)\native instruments\traktor dj studio 3\patch t3 with ts.exe (Trojan.Agent) -> Quarantined and deleted successfully.


  • Registered Users, Registered Users 2 Posts: 2,846 ✭✭✭discombobulate


    Happened with mine too. Most likely that a virus or something took all your contacts and your email address and your address is now being spoofed to send the emails.


  • Registered Users, Registered Users 2 Posts: 583 ✭✭✭cranky bollix


    Is there any way of stopping it?


  • Registered Users, Registered Users 2 Posts: 583 ✭✭✭cranky bollix


    Bump!!

    It's still sending mail. I've deleted all my contacts; if it's still sending them tomorrow, I'll have to delete an account of nearly 10 years :(

    If anyone could help it would be greatly appreciated.


  • Registered Users, Registered Users 2 Posts: 6,003 ✭✭✭JDxtra


    The bad virus making people already have your and your contacts' details. It's likely they are spamming your contacts from another bot and faking the from address as yours. Deleting your account will achieve nothing; the spam will probably continue.


  • Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭bhickey


    Are you sure it's actually your own account that's doing this? Maybe at this stage there're just forged e-mails with contact details that were previously harvested from your account. Can you get hold of the full headers from someone for one of these e-mails that was sent out?

    One thing spammers love is real e-mail addresses - it saves them having to make them up. An invaluable source of real e-mail addresses would be people's contacts lists.

    So you could delete the account but it mightn't actually make any difference to the spam e-mails being sent to your contacts.

    There are a lot of discussions on the Internet about this exact subject. Have you found anything useful among them?


  • Registered Users, Registered Users 2 Posts: 583 ✭✭✭cranky bollix


    bhickey wrote: »
    Are you sure it's actually your own account that's doing this? Maybe at this stage there're just forged e-mails with contact details that were previously harvested from your account. Can you get hold of the full headers from someone for one of these e-mails that was sent out?

    One thing spammers love is real e-mail addresses - it saves them having to make them up. An invaluable source of real e-mail addresses would be people's contacts lists.

    So you could delete the account but it mightn't actually make any difference to the spam e-mails being sent to your contacts.

    There are a lot of discussions on the Internet about this exact subject. Have you found anything useful among them?

    Not really sure what you mean by full headers?

    From the info I found on the net so far, it seems to be Yahoo and Hotmail accounts that are being hacked, with a lot of people saying that deleting your contacts does stop it, but I don't know yet, I'm sure I'll find out soon...

    Don't really know what to do. I don't use the account anymore for everyday stuff, but I've got a lot of emails saved that I do not want to get rid of + there's a few subscriptions that I don't want to go through the hassle of changing.

    I just don't want my mails to be hassling people with spam.


  • Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭bhickey


    Not really sure what you mean by full headers?

    Just Google "yahoo show headers". I don't have a Yahoo account so I can't test it for you. What the headers will show is the full path travelled by the e-mail from source to destination. This information can be used to figure out whether or not an e-mail is genuine. If you're able to look at the headers of an e-mail allegedly sent from you, you can probably guess whether or not it really was delivered via your Yahoo account.

    Don't really know what to do. I don't use the account anymore for everyday stuff, but I've got a lot of emails saved that I do not want to get rid of + there's a few subscriptions that I don't want to go through the hassle of changing.

    Don't worry about losing any e-mails. If you switch to something like a Gmail account, you'll be able to download everything from Yahoo and then upload it all to the new Gmail account.

    I just don't want my mails to be hassling people with spam.

    Well at this stage, it might be too late and if the spammers are simply forging your details in the e-mails then it could be that nothing you do will stop the spam.
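
The header check bhickey describes above, as an added example (not part of the original thread): it reads the `Received` line and the `Authentication-Results` header stamped by the recipient's own mail server and decides whether the message was handed over by the provider named in the From address or by an unrelated host. The two messages, the `.example` hostnames, the `trusted_mx` parameter and the Postfix-style `Received` layout are assumptions made for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample A: From claims webmail.example, but the recipient's own
# server (mx.recipient.example) received it from an unrelated relay. Everything
# below the first Received line was supplied by the sender and may be fake.
FORGED = """\
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=bulk.example.net; dkim=none
Received: from relay7.bulk.example.net (relay7.bulk.example.net [203.0.113.45])
    by mx.recipient.example with ESMTP id A1; Wed, 15 Dec 2010 14:02:11 +0000
Authentication-Results: mx.other.example; dkim=pass header.d=webmail.example
Received: from mail.webmail.example (unknown [198.51.100.9])
    by relay7.bulk.example.net with SMTP; Wed, 15 Dec 2010 14:02:09 +0000
From: "Account Owner" <owner@webmail.example>
To: friend@recipient.example
Subject: constructed sample A

body
"""

# Constructed sample B: handed over by the provider's own outbound server.
GENUINE = """\
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=webmail.example; dkim=pass header.d=webmail.example
Received: from out3.mail.webmail.example (out3.mail.webmail.example [192.0.2.25])
    by mx.recipient.example with ESMTP id B2; Wed, 15 Dec 2010 14:05:40 +0000
From: "Account Owner" <owner@webmail.example>
To: friend@recipient.example
Subject: constructed sample B

body
"""

# Assumed layout: "from <HELO> (<reverse-DNS name> [<ip>]) by <receiving host>".
HOP_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[^\]]+)\]\)\s+by\s+(?P<by>\S+)",
    re.I,
)


def received_hops(msg):
    """Return the Received hops, newest first (the order they appear in)."""
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP_RE.search(" ".join(value.split()))  # undo header folding
        if m:
            hops.append(m.groupdict())
    return hops


def auth_results(msg, trusted_mx):
    """Parse Authentication-Results, keeping only headers stamped by trusted_mx."""
    out = {}
    for value in msg.get_all("Authentication-Results", []):
        parts = [p.strip() for p in " ".join(value.split()).split(";")]
        authserv = parts[0].split()[0] if parts[0] else ""
        if authserv.lower() != trusted_mx.lower():
            continue  # anyone can add this header before delivery
        for clause in parts[1:]:
            pairs = re.findall(r"([\w.]+)=(\S+)", clause)
            if pairs:
                method, result = pairs[0]
                out[method.lower()] = (result.lower(), dict(pairs[1:]))
    return out


def in_domain(host, domain):
    host, domain = host.lower().rstrip("."), domain.lower()
    return bool(domain) and (host == domain or host.endswith("." + domain))


def assess(raw, trusted_mx):
    """Classify a message using only what the recipient's own server recorded."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    hops = received_hops(msg)
    # The only hop we can trust is the one written by the recipient's server.
    boundary = next((h for h in hops if h["by"].lower() == trusted_mx.lower()), None)
    dkim_result, dkim_props = auth_results(msg, trusted_mx).get("dkim", ("none", {}))
    dkim_ok = dkim_result == "pass" and in_domain(dkim_props.get("header.d", ""), from_domain)
    # Use the reverse-DNS name, not the HELO name, which the sender chooses.
    via_provider = boundary is not None and in_domain(boundary["rdns"], from_domain)

    if boundary is None or not from_domain:
        verdict = "inconclusive"
    elif via_provider and dkim_ok:
        verdict = "sent-through-provider"   # the account itself is being used
    elif not via_provider and not dkim_ok:
        verdict = "forged-from"             # address spoofed from elsewhere
    else:
        verdict = "inconclusive"
    return {
        "from_domain": from_domain,
        "handed_over_by": boundary["rdns"] if boundary else None,
        "hops": len(hops),
        "dkim": dkim_result,
        "verdict": verdict,
    }


if __name__ == "__main__":
    for name, raw in (("A", FORGED), ("B", GENUINE)):
        print(name, assess(raw, "mx.recipient.example"))
```

A `sent-through-provider` verdict means the mailbox itself is still being used to send, so the account needs securing; `forged-from` means the address is only being copied into the From line, which a password change cannot stop.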


  • Closed Accounts Posts: 4,037 ✭✭✭Nothingbetter2d


    Sadly, Yahoo Mail gets hacked so often that the list of Yahoo's email service users gets stolen far too often.

    Best thing you can do is close your Yahoo email account.

    Go use a private email service rather than using webmail for keeping in contact with friends.

    Avoid using Hotmail, Gmail, Yahoo for business-related emails as they are way too unsecure.

