hello,i am french so i am sorry for my bad english , i try to speak as well as i can…
since 3 days,there is a strange icon who appears at the bottom of the screen near the time…i can’t click on it.When i let my pointer on it ,it is written "avast courrier electronique(mail)"and there are some mail adress which often change.i don’t know these addresses…
would you mind helping me ?please!
thank you…
Your English is good.
You may have a spambot Trojan on your system. What is your operating system? Try downloading, installing, and scanning with one of these programs to remove Trojans–best to run in safe mode:
If you have WinXP, AVG AntiSpyware (formerly ewido)
http://www.ewido.net/en/download/
If you have Win 98 or ME, a-squared
http://www.emsisoft.com/en/software/free/
Both programs are free. Be sure to update the program before running it.
I hope this helps. Please let us know.
It looks like the Internet Mail icon which only appears when email is being scanned, it should look like this, see image.
Your English if fine, welcome to the forums.
Davidr you’re right!it is the icon which is on your image…
however i can t remove it …i have windows xp , the link for the anti spyware doesnt work…
I gonna try to download the program on a another site and i gonna tell you if the problem is solved or not!
Thank you for your help !it is nice!
There should be no need to remove it, when it isn’t scanning it shouldn’t be there. If it is there it is possible that you sending out email that you don’t know about, e.g. a trojan spambot on your system.
Try this link for AVG anti-spyware A.K.A. Ewido, http://www.ewido.net/en/download/ I have just tried it and it works, download, update and run from safe mode.
I suggest you enable Email - Show detailed info on performed actions, this will show what email is being scanned, especially if you aren’t sending any.
http://img.photobucket.com/albums/v325/for-dwr/showdetailedmail.jpg
If the Show detailed info on performed actions doesn’t show that email is being scanned but the icon is still there let us know as there is something wrong with your set-up. It is possible to disable the email icon, but I feel it provides a valuable check on what is going on.
i installed avg antispyware,i made a complete analysist of my system …i suppressed all the bad things there was,but the icon is still there and apparently there is mail which are sent thanks to my computer because when i enabled Email - Show detailed info on performed actions,there was at the bottom of my screen a message of avast every five seconds…
i am worried about that problem
Do you have a firewall ?
I suspect not or just the XP firewall which doesn’t provide outbound protection. This would hopefully detect the program sending out the emails (spam), giving you a chance to block it.
Whilst the windows XP firewall is usually good at keeping your ports stealthed (hidden) it provides no outbound protection and you should consider a third party firewall.
Any malware that manages to get past your defences will have free reign to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.
- Zone Alarm free http://www.zonelabs.com works fine with avast and has a reasonably friendly user interface. There are others, Comodo, Sunbelt Kerio, Jetico, etc.
See some firewall tests for comparison, some are freeware but many are paid for versions http://www.firewallleaktester.com/tests.php. Also see http://www.thefreecountry.com/security/firewalls.shtml
Also see http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php later set of results
I would go with zone alarm free for the time being to get some additional protection.
Also useful as a diagnostic tool - Download HiJackThis.zip - HJT Information HiJackThis Tutorial 1 or HiJackThis Tutorial 2 or HiJackThis Tutorial 3
On-line analysis - HiJackThis Log file - On-line Analysis OR HiJackThis Log file - On-line Analysis 2
Ignore any 023 reference to avast processes, this is a hiccup in the HJT 1.99.1 (especially missing file entry for avast), if you need any help with any of the analysis let us know.
X-RayPc Spyware Remover Process Analyzer http://www.x-raypc.com/
It will be good if you download, install, update and run other trojan remover tools:
a-squared
SUPERantispyware
But again, seems that we need some info from the firewall as David asked.
Full computer on-line scanning will help too:
Kaspersky (the best!)
Trendmicro housecall
sorry for answering so late…I try to remove the trojan with severals tools like ad aware,spybot,avg, and others but no one detected the trojan…
Davidr could you explain again since it is difficult for me to understand please!i dont understand when you talk about hijack…
There are three tutorial links (click the Blue text) that can do a better job than I can explaining how to use HJT. Basically it analysis your system for things that are running on it. From that we can analyse/diagnose what might be nasty, etc. there are even on-line analysis tool links.
This is how it is possible to find things other tools can’t.
Cutkilla, besides the effort of David to guide you, take in account that HijackThis is not a toy… it’s a complicated (advanced) tool for malware removal.
Maybe you need to get some assistance with it.
The problem is solved!!!Thank you very much for helping!!thanks to hijackthis the problem is solved!!it is nice!
If you can explain what you did, it might well help others in the future who read this topic.
I’m glad that the problem is solved.
So for the future you might also consider proactive protection, in order to place files in the system folders and create registry entries you need permission. Prevention is much better and theoretically easier than cure.
Whilst browsing or collecting email, etc. if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can reap havoc. With limited rights the malware can’t put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.
Check out the link to DropMyRights (in my signature below) - Browsing the Web and Reading E-mail Safely as an Administrator. This obviously applies to those NT based OSes that have administrator settings, winNT, win2k, winXP.
yes of course!
firstly i used “hijackthis”!i made a scan…This program is a little difficult so i read the tutorial and this link helped me too:http://www.sysinfo.org/bholist.php…
Thanks to this link i could find elements which were malware or trojan and elements which were not trojan.
i selected all the bad things and i clicked on “fix check” !
You have to know that it was necessary for me to use this program since the others one didn’t find the problem…
And when you use "hijackthis"you had better make backups…it helps if you did errors!
Again i am sorry for my bad english and thank you very much for your helps!
Thank you for your feed back, it should help others in showing it is necessary to use the tutorial as they also have lots of other useful information available or links to it.
HiJackThis should by default make a backup of what you fix, so you should be able to restore the fix if required.
Your English really is fine, glad we could help and a belated welcome to the forums.