6 Replies Latest reply on Mar 20, 2013 6:46 AM by sol

    Not able to remove the malware

    Sukhadev Koli

      Hi all

       

      I am having a problem

       

      In some of my users' inboxes (Microsoft Outlook 2003/7), mail-failure notices are arriving in bulk; some 400 to 500 emails are being generated automatically. The user has not actually sent any mail, but the mail-failure notices keep coming.

      When I googled about this I found some malware names like Win32.Adware.ADON, so I checked the scan history of these two or three systems. I did not find any virus or trojan entry. I manually scanned the systems completely, but the problem still persists.

       

      So I need help with how to remove this virus, and I would also like to know whether McAfee has addressed this or whether there is any tool to remove it?

       

      I am using McAfee 8.8 Ent + AntiSpyware (ePO 4.6)

       

      regards

      Sukhadev SK

        • 1. Re: Not able to remove the malware

          Sukhadev Koli,

           

          I will ask one of my senior mods to move this thread to the right section for better attention.

          • 2. Re: Not able to remove the malware
            Peter M

            As you are using Enterprise software I moved this to Corporate User Assistance in the Malware Discussions area.

             

            There may be some helping hints in the last link in my signature below.  Although it's directed at regular consumers it may give you some ideas.

             

             


            Message was edited by: Ex_Brit on 19/03/13 6:41:15 EDT AM
            • 3. Re: Not able to remove the malware
              sol

              Sukhadev SK,

               

               

              If one or more of your systems was used to spam out mail, then you will see the bounced back mails possibly for some time. Do you have a spam filter that you can set some rules on to block these from entering the mailboxes? If not, they will drift off over time. Meanwhile, make sure you have cleaned the suspected systems. I would also check with your networking staff to monitor the traffic. You should be able to see what systems are causing the problem.

               

              If you don't see any traffic or suspect any systems, it is possible that your domain is being used to spam out mail and as a result you are getting the bounced back messages. Check the SpamCop website to see if your domain is blacklisted: http://www.spamcop.net/ or http://cbl.abuseat.org/.

               

               

              If you know what systems are the problem, try running a Malwarebytes full scan on them. You can download the free version and it will run and clean your systems.

              Make sure you clean all the cache files from the suspected systems. Clean all Temp folders, Internet Temp folders and Cookies, and check the AppsData folders or Program Files folder to see if there are any new programs installed that should not be there. Check for strange .exe files and research them to make sure they are not legitimate files.

               

              Usually in the main AppsData folder you might see a lonely .exe file.

               

               

              http://www.malwarebytes.org/ (download the free Malwarebytes)

               

               

              Good luck

               

              Sol

               

               

               

               

              Message was edited by: sol on 3/19/13 7:14:21 AM CDT
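
The two cases in the reply above (a local system sending the spam versus the domain only being forged as sender) can often be told apart from the bounces themselves, because many bounces embed the original message with its Received headers. The following is an added example, not part of the thread; the network ranges, the sample bounce and the function names are assumptions.

```python
import email
import ipaddress
import re
from email import policy

# Assumption: address ranges used by your own clients and mail servers.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

# Constructed sample bounce; {ip} is the host that first handed over the message.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.net
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to nobody@example.org failed: user unknown.
--b1
Content-Type: message/rfc822

Received: from relay.example.org ([198.51.100.7]) by mx.example.net; Tue, 19 Mar 2013 10:00:02 +0000
Received: from pc ([{ip}]) by relay.example.org; Tue, 19 Mar 2013 10:00:00 +0000
From: user@example.com
Subject: constructed sample

body
--b1--
"""

def original_headers(bounce):
    # A bounce may embed the full original message or only its headers.
    for part in bounce.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
        if part.get_content_type() == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def classify(raw):
    # Returns ("internal" | "external" | "unknown", first-hop IP or None).
    orig = original_headers(email.message_from_string(raw, policy=policy.default))
    hops = orig.get_all("Received", []) if orig else []
    # Received headers are prepended, so the last one is the earliest hop.
    m = re.search(r"\[(\d+\.\d+\.\d+\.\d+)\]", str(hops[-1])) if hops else None
    if not m:
        return ("unknown", None)
    ip = ipaddress.ip_address(m.group(1))
    return ("internal" if any(ip in n for n in INTERNAL_NETS) else "external", str(ip))
```

Received lines below the first hop added by a server you trust can be forged, so treat an "internal" result as a lead to confirm in your own mail server logs rather than as proof.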
              • 4. Re: Not able to remove the malware

                Thanks Peter

                • 5. Re: Not able to remove the malware
                  Sukhadev Koli

                  Thanks for the reply, Sol. I started scanning those infected systems. Meanwhile, I need a little more of your help: how do I set a spam filter in ePO 4.6? Can you please give me a step-by-step procedure or a little info about this? I will be very thankful to you...

                   

                  regards

                  sk

                  • 6. Re: Not able to remove the malware
                    sol

                    Sukhadev,

                     

                    Did you purchase the email protection solution by McAfee? There is the Email Gateway or the SaaS email protection. One is an appliance that filters your email and is internal to the network, while the other is a hosted solution that filters the emails prior to entering your network. Both need to be purchased separately, and which one you choose depends on your business needs.

                     

                    If you do not have a solution and you are interested in a spam filter you can check this out... http://www.mcafee.com/us/products/email-and-web-security/email-security.aspx. Your representative will be able to better direct you depending on your business needs. Once you have made the decision, their support staff will be able to help you configure your ePO for email security.

                     

                    If you already have the email solution, I suggest contacting your McAfee support to assist you in configuring your ePO environment for this as needs vary from business to business.

                     

                    I hope all is settling down for you.

                     

                    Sol