Author Topic: Suddenly unknown POP3 SMTP ztomy.com SSL servers avast warning by OUTLOOK.EXE  (Read 5186 times)

0 Members and 1 Guest are viewing this topic.

Offline galien8

  • Newbie
  • *
  • Posts: 3
L.S.

To my knowledge I never used ztomy.com. However I used SMTP mail.strawberry.arvixe.com from ASP.NET for a website I am programming under localhost, thats mentioned as 50.61.238.128 in the avast Email Shield SSL
settings.

Am I hacked? Or is it a virus?

PLEASE HELP!

Johan.

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5420
  • Spartan Warrior
Hi galien8,

If you could attach a .jpeg, .gif, or .png of the box or warning in question, others would see what you are seeing, and thus be able to help.

Use "Attachments and other options" in the box you are writing in, lower left hand corner of forum text box, to attach.  Note the forum size limit.

Text will work as well.
« Last Edit: May 25, 2012, 05:24:35 AM by mchain »
Windows 10 Home 64-bit 20H2 Avast Premier Security version 21.3.2459 (build 21.3.6164.652) UI version 1.0.612.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85589
  • No support PMs thanks
Many ISP, etc. use third party services to handle their email services, I just wonder if it is something like that. How to check it is probably going to be hard short of asking your ISP, etc. if they use an email service provider for their emails and hope they tell you if they do.

I have a BT Internet email address and despite BT Internet being the email server address it is actually handled by Yahoo.com and that is what I see in the avastUI, Mail Shield, SSL Accounts, no entries for BT Internet.

However that said, that site doesn't have a good reputation, http://www.mywot.com/en/scorecard/ztomy.com
« Last Edit: May 25, 2012, 02:46:33 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.691) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline galien8

  • Newbie
  • *
  • Posts: 3
Hi Mchain,

I do not have the warning because once clicked away it does not come back. But I attach the SSL Settings screenshot.

Thanks for your reply!

Kind regards,

Johan.

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5420
  • Spartan Warrior
Well, Securi site check shows ztomy.com has problems.

Here:  http://sitecheck.sucuri.net/results/www.ztomy.com

As for providing help in resolving your issue, I will defer to others here more qualified than I.  You are saying ztomy.com should not be there?

It's possible at times to recover the warning box by right-clicking the avast icon in system tray and selecting 'Show last pop-up'.
Windows 10 Home 64-bit 20H2 Avast Premier Security version 21.3.2459 (build 21.3.6164.652) UI version 1.0.612.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85589
  • No support PMs thanks
Given the sites history, it would be worth checking that you don't have a hidden/undetected emailbot and aren't sending out spam. First set the Email Shield, Expert Settings, Sensitivity, Heuristics sensitivity to High.

- This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and start your own new topic and attach the logs there, not in the LOGS topic.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.691) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline galien8

  • Newbie
  • *
  • Posts: 3
L.S.

Thanks to you all for your help. Since I am now aware it might be a serious problem:

I am going to do the ultimate solution: format C: and D: => completely rebuild the machine. My backups are clean!

Kind regards,

Johan.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85589
  • No support PMs thanks
You're welcome, though I would have taken a shot at at least producing the logs so a malware removal specialist could take a look at them. Unless by your backups, you mean a hard disk image backup.

I use hard disk imaging software (weekly backup image) as my means of disaster recovery (no matter what the cause) so I don't have to go down the format and reinstall route.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.691) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5420
  • Spartan Warrior
You're welcome, though I would have taken a shot at at least producing the logs so a malware removal specialist could take a look at them. Unless by your backups, you mean a hard disk image backup.

I use hard disk imaging software (weekly backup image) as my means of disaster recovery (no matter what the cause) so I don't have to go down the format and reinstall route.
+1

Might want to check your router or dsl modem for changes/infections as well.
Windows 10 Home 64-bit 20H2 Avast Premier Security version 21.3.2459 (build 21.3.6164.652) UI version 1.0.612.