I am running Windows XP Home SP2 - Problem started June 9 10:44am...my personal yahoo email account sent out emails to all of my contacts in my Yahoo email account with links that were found to either contain a trojan horse or send anyone who clicked on the link to a site with a trojan horse. There was no subject in the email, simply a link. I was running Avast anti-virus at the time. I have since ran Avast, Norton, Eset Nod32, and the Windows Malicious software removal tool as well as both SuperAntiSpyware and Malwarebytes - all run in both regular and safe mode.
Avast found Java:Agent-AXI and sucessfully removed it...then after running Norton AV, a suspected virus was detected in sdfix.exe and sucessfully removed...then after running Superantispyware, i received trojan detections in C:\i386\compimpxml.dll and c:\windows\system32\compimpxml.dll both were sucessfully removed, then I ran the Windows Malicious Detection software and it found and removed Trojan JS:\Hiloti.E and JS:\Hiloti.F...
well, during all of this work, my damn PC somehow sent out 2 more spam emails (one Sunday Night at 8:26 and another just today at 4:22) to all of my contacts once again containing links infected with trojan horses! So since June 9, my PC has sent out 3 different trojan horse email to all of my yahoo account contacts...
BELOW IS A COPY/PASTE OF THE LINK I WAS SENT BY THIS VIRUS:
Message flagged Tuesday, June 19, 2012 4:23 PM
I also use Microsoft Outlook as an alternate email account and none of my contacts have been compromised, so this issue is specific only to my yahoo email account contacts - not my Outlook contacts
Any ideas? I have tried 6 different AV / Maleware programs and have received / removed 6 different suspected issues...none of which seem to have resolved this original issue of the trojan-laden spam emails to all my contacts in my yahoo account?
I have not run Hijack this, Combofix, defogger, dds, or gmer yet, but I do have them downloaded and ready to go...
UPDATE - ALL - YAHOO'S RECENT LOGIN ACTIVITY LOG PASTED BELOW - I'VE GOT SOMEONE FROM MEXICO LOGGING INTO MY PC AT THE SAME TIME AS MY MACHINE SPAMS...I HAVE CHANGED MY PASSWORD, BUT NOT SURE I STILL DON;T HAVE A VIRUS
Recent Login ActivityBack to Account InfoYour most recent activity includes any times that you signed into Yahoo! by entering your Yahoo! ID and password (not limited to Mail).
Date/Time (America/New_York) Access Type Event Location
Today 11:00 PM Browser Logged In FL, US184.108.40.206
10:57 PM Browser Logged In FL, US220.127.116.11
10:56 PM Browser Mail Access FL, US18.104.22.168
7:02 PM Browser Mail Access FL, US22.214.171.124
6:50 PM Browser Mail Access FL, US126.96.36.199
4:21 PM Browser Logged in to Mail Mexico188.8.131.52
4:05 PM Browser Mail Access FL, US184.108.40.206
1:45 PM Browser Mail Access FL, US220.127.116.11
1:05 PM Browser Mail Access FL, US18.104.22.168
12:50 PM Browser Mail Access FL, US22.214.171.124
10:40 AM Browser Mail Access FL, US126.96.36.199
9:23 AM Browser Mail Access FL, US
Edited by bsbokor, 19 June 2012 - 10:13 PM.