envois en quantité importante

bonjour,
des messages comme ceux-ci apparaissent dès que j’ai fait vérifier les messages sur les sites et que je fais rapatrier les messages amis par mailwasher

Il y a trop de mails identiques envoyés dans un faible intervalle de temps
Expéditeur : Mail Delivery Subsystem MAILER-DAEMON@laposte.net
Destinataire : elodie@invitation.achatsvip.com
Sujet : Returned mail: User unknown

Il y a trop de mails identiques envoyés dans un faible intervalle de temps
Expéditeur : Mail Delivery Subsystem MAILER-DAEMON@freesurf.fr
Destinataire : excpm@dk.ibm.com
Sujet : Returned mail: User unknown

Il y a trop de mails identiques envoyés dans un faible intervalle de temps
Expéditeur : Mail Delivery Subsystem MAILER-DAEMON@freesurf.fr
Destinataire : marissankq38@mtlx.com
Sujet : Returned mail: User unknown

aucun logiciel antivirus/antispams ne détecte quoique ce soit !!!
que faire ??
cordialement

Hello, this is an English language forum, for furhter help will you please use an online translation service for your posts.

What anti spam program do you use, and do you have any antispyware installed?
It seems that you (or your friend - I am not certain as I don’t speak French) may have a spambot installed.

(Courtesy Google)
Bonjour, il s’agit d’un forum en anglais, pour aider furhter s’il vous plaît allez-vous utiliser un service de traduction en ligne pour vos messages.

Quel programme anti-spam que vous utilisez, et avez-vous des antispywares installés?
Il semble que vous (ou votre ami - je ne suis pas certain que je ne parle pas français) mai ont installé un Spam.

hi
thanks
I use avast, windows defender, spybot, xoftspy, hijackthis

avast send me these messages after using mailwasher

There are too many identical e-mails sent to a weak interval of time(weather) Sender: e-mail Delivery Subsystem < MAILER-DAEMON@laposte.net > addressee: < elodie@invitation.achatsvip.com > Subject: e-mail Returned: use(wear out) unknown
There are too many identical e-mails sent to a weak interval of time(weather) Sender: e-mail Delivery Subsystem < MAILER-DAEMON@freesurf.fr > addressee: < excpm@dk.ibm.com > Subject: e-mail Returned: use(wear out) unknown

No antivirus / antispams software detects anything !!!
What to make??
Cordially

It would appear that you have an undetected or hidden Trojan Spambot on your system. The too many emails in a short time is the avast Internet Mail heuristic detection of multiple emails sent from your system.

What is your firewall, it should be capable of blocking unauthorised outbound Internet Connections ?

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).

  1. SUPERantispyware On-Demand only in free version. Or Spyware Terminator Resident scanner (if you use this don’t install the toolbar or crawler or the anti-virus module). Or a-Squared free. I suggest trying then in order as the order that represents the better detection and clean-up. Some elements of the programs might not work if you have an older OS like win9x or winME, this is namely the resident protection in SpywareTerminator.

hi
I’ve got superantispyware
it’s ok for now
I hope it will final
thanks for you help

no, this morning it’s not right

Expéditeur : Mail Delivery Subsystem MAILER-DAEMON@freesurf.fr
Destinataire : mail@mafamille.fr; a-sarwar@northwestern.edu
Sujet : Returned mail: User unknownIl y a trop de mails identiques envoyés dans un faible intervalle de temps

Expéditeur : Mail Delivery Subsystem MAILER-DAEMON@freesurf.fr
Destinataire : mail@mafamille.fr; a-sarwar@northwestern.edu
Sujet : Returned mail: User unknown

I continue process

Are these email you received ?
As they look different to the others, e.g. no mention of the “Il y a trop de mails identiques envoyés dans un faible intervalle de temps” you posted with the other email info ?

I asked what your firewall is ?
That should show what is trying to get a connection, depending on what firewall you have.

Did you run SAS in safe mode ?
What were the results of the scan ?

Also useful as a diagnostic tool - Program & Tutorial - FileHippo Download - HiJackThis and post the contents of the HJT log file here. - HJT Information HiJackThis Tutorial.
Download and run HJT and post the contents of the log file (cut and paste) into this topic, you may need to split it over two or more posts depending on how large it is.

it’s windows xp firewall !!
I’ll try to make a safe mode scan

Whilst the windows XP firewall is usually good at keeping your ports stealthed (hidden) it provides no outbound protection and you should consider a third party firewall.

Any malware that manages to get past your defences will have free reign to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.

  • There are many freeware firewalls such as, Comodo, PCTools Firewall Plus, Jetico, etc. - Zone Alarm free works fine with avast and has a reasonably friendly user interface, however, the free version is becoming bloated with trial ware and is also crippled as far as outbound protection goes In the Program Control, configuration area, the slider will only goes as far as Medium protection, if you want more you have to buy the Pro version.

See A Forum discussion on free firewalls http://forum.avast.com/index.php?topic=30808.0

See http://www.matousec.com/projects/firewall-challenge/results.php.

Also I asked this:

Are these email you received ? As they look different to the others, e.g. no mention of the "Il y a trop de mails identiques envoyés dans un faible intervalle de temps" you posted with the other email info ?

If they are received emails it is entirely different ?

hi
these messages appear after using mailwasher and when outlook starts
I have always the problem today ??? :cry:

  1. Did you scan in safe mode with SAS ? If “yes”, what were the results?
    -You need to discover the program that is sending these mails.
    A two way firewall can do this.
  2. Install a two way firewall. when Outlook starts, look at the firewall pop ups. One will be something like “Outlook is trying to connect to the internet” Make a not of the full name and path.
    Look for any other alert that something is trying to connect.
    Make a note of it, post the result here.
  3. Other alternatives to SAS are MalwareBytes Anti Malware (MBAM), and Asquared (A2).
    Try scanning with one or both of them.

If the signature of the malware is on one of these programs, they should be able to find it, and maybe stop it.

As you can see from my signature I use MailWasher Pro.

MailWasher doesn’t download the complete email to do its analysis, it only downloads the headers, a small part of the body, it doesn’t download images or attachments and it views what is downloaded in text only. Based on this I personally don’t feel that any negligible risk worth scanning duplication, but the choice is yours.

By editing the avast4.ini file, [MailScanner] section using a text editor like notepad. It is best to save a copy of avast4.ini to another location in case of any problem, you can then copy the original back.
[MailScanner]
IgnoreProcess=MailWasher.exe add this line if you don’t already have an IgnoreProcess line.

Note when you try to save avast4.ini the avast self-defence module will pipe up asking are you sure, etc. answer yes.

That will stop avast scanning the mailwasher download and allow you to flag the emails for deletion at the server, so when you click Process Mail they will be deleted from the server and subsequently not downloaded by Outlook.

hi
I scanned in safe mode with SAS and with Asquared
that’s ok now
thanks very much :smiley: :wink:

You’re welcome.

Did you use the tip for MailWasher and avast4.ini ?

what does it mean ? ???

If what does it mean, means the tip.

Then excluding mailwasher’s downloads from being scanned as they represent a minimal (if any) risk and could save you getting avast alerts on the parts of the email you do download.

Considering you use mailwasher to get rid of junk/spam you can also get rid of suspect email (deletion from the email server), which would otherwise be downloaded by your email program and be detected by avast.