E-Mail sending out messagegs

Hi,

I have received three e-mail messages in response to to an e-mail supposedly sent by me just after midnight. This email seems to have been sent to people in my address book when my PC was turned off. This has occurred before.

I understand that this happens when the PC has a virus.

Can anyone offer advice as to how to remove this virus to prevent this happening again?

I have Windows 7 and Avast! Professional and e-mail protection was set after I purchased the product.

Any help will be much appreciated.

Charlie

Follow this guide and attach the logs…not copy and paste
http://forum.avast.com/index.php?topic=53253.0

AdwCleaner
Malwarebytes
OTL
aswMBR

how do you read your mail, is it webmail or do you use a mailclient on your computer?

If your computer was turned off then I would suspect that your webmail has been hacked

also the sendt from address can be faked
the spammers harvest mail addresses and may use any of those as a fake sendt from address

http://netforbeginners.about.com/od/scamsandidentitytheft/f/spamemailaddresses.htm
http://www.private.org.il/harvest.html
http://ask-leo.com/how_do_spammers_send_email_that_looks_like_it_comes_from_me.html
http://ask-leo.com/comments_003992.php?page=2

  1. Logs attached. I ran the aswMBR.exe but it caused my PC to crash! Not impressed. To be fair I ran it from the website and didn’t download it.

  2. I use Outlook and not webmail

Hope the logs help.

Thanks for your quick replies,

Charlie

Nothing apparent there so time to go deeper

Download the latest version of TDSSKiller from here and save it to your Desktop.

[*]Doubleclick on TDSSKiller.exe to run the application

https://dl.dropbox.com/u/73555776/tdss%20start.JPG

[*]Then click on Change parameters.

https://dl.dropbox.com/u/73555776/tdss%20Change%20param.JPG

[*]Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

[*]Click the Start Scan button.

[*]If a suspicious object is detected, the default action will be Skip, click on Continue.

https://dl.dropbox.com/u/73555776/tdss%20threat.JPG

[*]If malicious objects are found, they will show in the Scan results and offer three (3) options.
[*]Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

[*]Get the report by selecting Reports

https://dl.dropbox.com/u/73555776/tdss%20report.JPG

[*]Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please attach its contents on your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

Hi,

Thanks for the reply.

I have run TDSSKiller and have downloaded Combofix. I know how to disable my firewall but am unable to find out how to disable “Avast! Antivirus”.

How do I do that? Thanks

Charlie

When you run combofix accept the warning but ensure that Avast does not block or quarantine any files

Logs attached as requested.

Thanks again for your help.

How is the computer behaving now ?

Hard to tell. I only knew of the problem when I received a non-delivery report and auto replies from Snapfish and Apple. I take it that you weren’t able to find any virus type stuff that secretly sends e-mails out? How about the other suggestion that it is my e-mail on Virgin Media that’s at fault?

Anyway, thanks for all your help and if it happens again I will come back for more help.

Charlie

I would tend to suspect that your e-mail account was hacked or someone stole your address