Can Not Identify Which Mail Doc Is Infected By Message Number
Hello,
I am getting a virus warning when I scan my PC. This was not picked up by Bit Defender when I retrieved the mail. I use Thunderbird. I have a number of files in my in tray which I want to keep so deleting the lot is not an option. On running the checker, it identifies 2 message numbers. This is not enough to identify which message it actually refers to.
This is from my log:
//-----------------------------------------------------------------
//
// ProductBitDefender Internet Security v10
// Product10.2
//
// Created on: 20/01/2008 10:07:13
//
//-----------------------------------------------------------------
Virus Statistics
Scan path : C:\Documents and Settings\Anton\Application Data\Thunderbird\Profiles\nazk23nd.default\Mail
Folders : 88
Files : 133146
Memory processes scanned : 67
Archives : 60064
Runtime packers : 3099
Identified viruses : 2
Infected files : 2
Memory processes infected : 0
Suspect files : 1
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 0
I/O errors : 0
Scan time : 00:21:47
Scan speed (files/sec) : 101
Spyware Statistics
Registry keys scanned : 389
Registry keys infected : 0
Cookies scanned : 456
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0
Virus definitions : 974491
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 7
Mail plugins : 6
System plugins : 5
Virus scan options
Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email
File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user
Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\Anton\Application Data\BitDefender\Desktop\Profiles\Logs\user_0002\1200823633.log
Spyware scan options
[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies
Summary:
C:\Documents and Settings\Anton\Application Data\Thunderbird\Profiles\nazk23nd.default\Mail\Local Folders\Work E-Mails.sbd\Work Inwards=>(message 141)=>[subject: f1 access file][Date: Sat, 19 Oct 2002 13:38:00 +0100]=>(MIME part)=>sap_bw_databasetemp.zip=>SAP_BW_DataBaseTemp.mdb Suspect: Macro.VBA
C:\Documents and Settings\Anton\Application Data\Thunderbird\Profiles\nazk23nd.default\Mail\pop3.demon.co-2.uk\Inbox=>(message 948) Infected: Generic.Peed.Eml.168EDB1E
C:\Documents and Settings\Anton\Application Data\Thunderbird\Profiles\nazk23nd.default\Mail\pop3.demon.co-2.uk\Inbox=>(message 948) Disinfection failed
C:\Documents and Settings\Anton\Application Data\Thunderbird\Profiles\nazk23nd.default\Mail\pop3.demon.co-2.uk\Inbox=>(message 948) Move failed
C:\Documents and Settings\Anton\Application Data\Thunderbird\Profiles\nazk23nd.default\Mail\pop3.demon.co-2.uk\Trash=>(message 307) Infected: Generic.Peed.Eml.70F5723D
C:\Documents and Settings\Anton\Application Data\Thunderbird\Profiles\nazk23nd.default\Mail\pop3.demon.co-2.uk\Trash=>(message 307) Disinfection failed
C:\Documents and Settings\Anton\Application Data\Thunderbird\Profiles\nazk23nd.default\Mail\pop3.demon.co-2.uk\Trash=>(message 307) Move failed
Please Help. 
Comments
-
Further to this I moved to files to folders on local foilders. One for the attached messages and one for unattached. I reran the virus check and the following happened:
- The same virus messages were detected in the now empty InBox
- The folders which now contain the messages (formally from the In box) were ignored ie no virus detected.
0 -
May be the infected file is a hidden file and still in the original place. To make sure unhide the file (start-control panel, check show hidden files and folders-apply) and then look into the folder.
0
