Avast 18.2.2328
Email client is Thunderbird, email service is Earthlink
My email account is reporting a lot of outbound spam sent from my computer, 100 messages in 24 hours, and continuing. Earthlink support says : “If you did not personally send this message, then your account may have been used by unauthorized persons and you should take action immediately to secure your account.” Sample message from Earthlink about items I did not send :
The following address(es) failed:
lynch@mc.net
host ismtp-02.mc.net [209.172.128.90]
SMTP error from remote mail server after RCPT TO:lynch@mc.net:
550 #5.1.0 Address rejected.
I ran an Avast scan and it found nothing amiss. Then I ran a Malwarebytes scan and it quarantined three items in the registry : PUP.Optional.InstallCore. But still my computer is sending outbound spam.
Is there anything that Avast can do about this? Or should I buy a special filter program for this one-time problem?
FWIW, here’s the MB log report :
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 3/7/18
Scan Time: 11:06 AM
Log File: f1759f50-2229-11e8-9968-b0104163fe6a.json
Administrator: Yes
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.4246
License: Trial
-System Information-
OS: Windows 10 (Build 16299.248)
CPU: x64
File System: NTFS
User: DELL3647\John Earwood
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 326764
Threats Detected: 3
Threats Quarantined: 3
Time Elapsed: 3 min, 37 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 2
PUP.Optional.InstallCore, HKU\S-1-5-21-1914648859-788343595-4286043385-1001\SOFTWARE\csastats, Quarantined, [2], [260986],1.0.4246
PUP.Optional.InstallCore, HKU\S-1-5-21-1914648859-788343595-4286043385-1001\SOFTWARE\PRODUCTSETUP, Quarantined, [2], [481004],1.0.4246
Registry Value: 1
PUP.Optional.InstallCore, HKU\S-1-5-21-1914648859-788343595-4286043385-1001\SOFTWARE\PRODUCTSETUP|TB, Quarantined, [2], [481004],1.0.4246
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
(end)