[Dave Hybrid]

My bro is having a strange thing happen.

When online Avast email scanner keeps popping up saying it is sending a message, like every single second.

Crazy thing is my bro has no email setup on the PC, not outlook, nothing.

How are these emails being sent?

Is it some sort of virus?

Valis!? :D

Thanks.

[Dave Hybrid]

Anyone?

[hAvAAck]

Does it say what program is attempting to send the emails? outlook? outlook express?

[Dave Hybrid]

No, just a info box in the system tray from Avast, when I hover the mouse over it the email address being sent to is displayed.

As I said there is no email software or email accounts on the machine.

I can only assume it's some sort of virus/rogue script.

A virus scan picks up nothing.

[Dave Hybrid]

Managed to fix it just now by removing some suspect entrees in a hijack-this scan.

Regardless if anyone knows what this was or how it works I'd be interested to know.

[Wolfeymole]

Pm Valis with this thread URL mate and he will be on the case like big style.

[valis]

curious to know what the address it was sending to. It coudlv'e been something like adobe phoning home, or some other app.....what entries did you pop out of hjt?

[Dave Hybrid]

Were talking 100s if not 1000s of emails being sent to random addresses.

I deleted two DNS/Nameserver/IP address entrees from HJT.

*EDIT*

Similar to these I found in another thread:

O17 - HKLM\System\CCS\Services\Tcpip\..\{108DB8FD-F197-49AA-8627-EBB48F39E81D}: NameServer = 194.72.9.34 62.6.40.178
O17 - HKLM\System\CS1\Services\Tcpip\..\{108DB8FD-F197-49AA-8627-EBB48F39E81D}: NameServer = 194.72.9.34 62.6.40.178

[Dave Hybrid]

Definitely a virus or a script/bot.

Avast email scanner was going berserk, it couldn't scan the emails quick enough.

[Wolfeymole]

God bless POP3 :p:D:)