4

I have a virus scan running and it's found a virus in my Thunderbird inbox file. Of course, I don't want to delete the inbox file, and the anti-virus (AVG) can't seem to pull it out. There are lots of messages my mailbox and I don't want to try to look at each attachment and figure out if it has the virus.

How do get rid of the offending bits?

Edit: Folks, this is not Thunderbird using AVG as a proxy and AVG detecting a virus in my mailbox on the server. What's happening is that I have my email program off, not running. AVG is doing a system scan. It finds a file with several copies of the same virus in it. That file is a Thunderbird inbox file. Obviously, I don't want to delete the file wholesale, because it's my inbox ( or one of its subfolders )! So apparently AVG can't pull it out. There are thousands of messages in my inbox ( I'm a packrat, what can I say, someday I'd like to go back and see what my friends and family were saying to me way back when ) so I can't just go in and "find it".
user13743
  • 1,751

4 Answers4

1

Any reason you can't simply do it from inside Thunderbird? There are a few options. Run Thunderbird in Safe Mode to remove it. You could also open the inbox file yourself using a text editor and delete that message. You'll likely need a text editor that can handle large files and some way to identify the message within it. The attachment should have a MimeType associated with it and be encoded (probably Base64, looks like a big block of gibberish).

Although, I'm a little confused how AVG was able to detect the virus in the text file. Maybe you have Thunderbird setup to use AVG as a proxy for its mail? In which case, I would've expected it to remove the virus before ever getting to Thunderbird and you won't likely find it in your inbox.

Ioan
  • 571
1

Since the inbox file is a monolithic blob to AVG, and you don't know what message has the offending attachment, you'll probably need to take a divide & conquer approach: First, sort by attachment, then create a few sub-folders and move groups of emails into each one, rescan, etc.

Remember the game Mastermind? Similar strategy...

chris
  • 9,595
0

You can log onto your mailbox using Telnet and delete that message manually:

For a quick tutorial: http://smanage.tripod.com/tel.html or http://techhelp.santovec.us/pop3telnet.htm

Good luck!

r0ca
  • 5,833
0

Perhaps I have newer antivirus - I'm using Norton, because my anti-virus software managed to give me the file name in the report. Seems like virus's are usually an attachment (usually a .doc or .zip). I was able to use Cygwin grep command to search my Thunderbird mailbox files for the file name. Having seen it in the mailbox file, I then used Cygwin via text editor to find the file name and see details about the individual email in which the virus was contained. Then simply used Thunderbird to delete.

Other file search and edit tools will probably work also, but remember these are large files and so there are long delays in searching and editing.

I notice that norton isn't finding anything on my computer, except in old mail, so perhaps the servers are getting better at finding and eliminating these kinds of mails.

kathy
  • 1