[Hello World!]

Hi there. About a week ago my yahoo, facebook, and hotmail accounts online were breached. They all had different, strong passwords, so I think it must have been a keylogger or some other nasty on my computer. The passwords on these accounts were not changed by the intruder. I have since changed them from a different, presumably uninfected computer. The hotmail account was used to send spam to people I had recently sent e-mail to (but not all of which were on my contact list). Here's a sample e-mail:

Subject: RE: [first-name of recipient]

hey [first-name of recipient] youll see why i spend time on this make it a habit to be a winner i wish the people who came up with this were properly recognized and thanked [http]://t.co/2GWHxmGn [this is probably malicious] the most important part of this is the trick itself begin the journey to sucess

Avira detected some stuff but it looked to be all false positives. It also detected a "hidden driver", and some other hidden stuff that it popped a warning about, but this was a dead end. MalwareBytes found nothing, but the trial's active protection caught possibly harmful outgoing connections to 212.117.183.170 and 91.224.160.230 by java.exe.

I'm thinking this is some kind of rootkit but iunno. OTL and gmer logs are attached.

Attached Files

•  OTL.Txt   162.8KB   48 downloads
•  gmerlog.log   3KB   81 downloads

Edited by Hello World!, 27 July 2012 - 01:43 AM.