Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

No Virus found but AVAST shows spam emails being sent!

Status
Not open for further replies.
bkirkpatrick

bkirkpatrick

Programmer
Dec 8, 2003
29
0
0
US
I swallowed a virus and removed all of them per (Avast, Spybot search and destroy, malware bytes, superanitspyware remover). There are no browser redirects or anything like that. However, after the computer comes to life on a restart, my AVAST begins alerting me that spam email is being sent and I can see the email addresses being sent via the Avast notifier (all spam / junk email with unknown sender addresses). The notifier also points to one of the svchost.exe files.

I have done a boot time scan and everything checks out. I had to replace my user32.dll file originally but this is the only thing left. I ran a hijack this log and the only thing it hits on is a windows updater being unknown. I deleted that but it keeps coming back. However hijack this reports it as a neutral item. Don't know if this is part of the problem or not.
 
Sort by date Sort by votes
Ran combofix and found:
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\user\Application Data\inst.exe

----- BITS: Possible infected sites -----

hxxp://myimagesafe.com
Infected copy of c:\windows\system32\drivers\ndis.sys was found and disinfected
Restored copy from - The cat ate it :)

Working so far. My question is how do I block outgoing mail traffic like that in the future.
 
Upvote 0 Downvote
From what I have researched, those are false positives. Also, be very careful when using combofix. If you want less dangerous malware removal tools, use these below.


Super anti spyware

Malware Bytes Anti Malware

CCleaner (actually this is a temp remover but malware installers hide in temp locations many of times)

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

iambob
  • Locked
  • Question
Avast Anti-Virus is.. a virus?! 3
Replies
5
Views
98
Oorde
Oorde
1DMF
  • Locked
  • Question
AVAST latest free version causing nothing but problems 2
2
Replies
20
Views
167
1DMF
1DMF
andyv2011
  • Locked
  • Question
Looking at Virus Actions
Replies
0
Views
48
andyv2011
andyv2011
Tiffc0922
  • Locked
  • Question
Virus / Malware Scans on Local PCs
Replies
5
Views
71
goombawaho
goombawaho
Henry Pence
  • Locked
  • Question
Is Norton Antivirus Necessary?
Replies
2
Views
64
Henry Pence
Henry Pence

Part and Inventory Search

Sponsor

Back
Top