Killing Email Zombie Virus: Purging 4000+ Emails

  • Thread starter Thread starter DaveC426913
  • Start date Start date
  • Tags Tags
    Email
Click For Summary
SUMMARY

The discussion centers on a user whose desktop was infected with the backdoor.formador virus due to Norton antivirus failing to update its virus definitions. After Norton purged the virus, the user is left with over 4000 emails queued for sending, which are not visible in Outlook. The user seeks assistance in purging these emails, which continue to trigger warnings from Norton. Recommendations include checking the System Restore feature and verifying registry entries to ensure complete virus removal.

PREREQUISITES
  • Understanding of Norton antivirus functionality and updates
  • Familiarity with Windows registry editing
  • Knowledge of email client operations, specifically Outlook
  • Basic concepts of computer viruses and their removal
NEXT STEPS
  • Research how to disable System Restore in Windows XP or 2000
  • Learn about editing the Windows registry safely
  • Investigate methods for locating and deleting hidden emails in Windows
  • Explore firewall options and their importance for system security
USEFUL FOR

This discussion is beneficial for users dealing with email-related issues post-virus infection, IT professionals managing antivirus software, and anyone looking to enhance their understanding of system security and email management.

DaveC426913
Gold Member
2025 Award
Messages
24,467
Reaction score
8,726
It looks like my desktop was infected with a virus due to a fault in Norton* that caused it to not update its virus definitions.

The virus turned the system into a zombie, sending out spam. Now many ISPs are identifying my IP as a source of spam and are refusing all email from me.

Norton found and purged a virus called backdoor.formador, so I think all that is behind me now, but I still have 4000+ emails that are trying to get sent from somewhere. (Norton continues to pop up a warning message for every one of these 4000+ emails, that's how I know they're still there).

See attached screengrab. The taskbar is showing each email that is waiting to be processed. So far there are only 8 or 10, but it will run through 4000+ of them.


They are not in Outlook; I don't know where these 4000 emails are sitting. Somewhere invisible. How can I purge these emails?

Or am I misunderstanding what I'm seeing?


* Yeah yeah ... "Norton? Pah. I don't use that piece of junk". Got it out of your system? OK, now move on.
 

Attachments

  • NAVscan.gif
    NAVscan.gif
    109.4 KB · Views: 578
Last edited:
Computer science news on Phys.org
Dave,

What OS are you using (XP, 2000, ...)? I did a quick Google search and one thing that I noticed from the technical details on one was that the computer could be reinfected if you don't disable the System Restore feature before removal http://www.symantec.com/security_response/writeup.jsp?docid=2003-121018-1953-99&tabid=3".

I would also double-check that the registry entry noted in the removal instructions has actually been removed.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\"[TROJAN FILE NAME]" = "%System%\[TROJAN FILE NAME].exe"

Also, if you don't have a firewall on your computer, you should install one.
 
Last edited by a moderator:

Similar threads

Virus that disables system restore and hardware device manager?
  • · Replies 3 ·
Replies
3
Views
21K