| Index > Scribe > virus in mail2 folder | |
|---|---|
| Author/Date | virus in mail2 folder |
| mhf 15/08/2007 2:51pm | I use Avast av and during a general scan it found traces of WIN32:Netsky-AF[Wrm] in the mail2 file. I don't know how it got through in an email as Avast provides real-time scanning on emails, maybe through the html. Anyway, Avast offers the choice of either continuing, deleting or moving to the quarantine chest - no much choice there in this case : continue, otherwise my mail2 folder would have been unavailable.
I'm not going to talk about the mail2 format here, that's another question, but this means that I cannot get to the individual email that is infected. Any ideas anyone? |
| exosceleton 21/08/2007 7:10am | set up a groupware server and copy mails to a imap mailbox or fake pop recipient.
those a separate eml files, if i am correct. scan and identify the infected mail (just open with notepad, should be safe) delete the infected email from your mail2 file. let us know if it works, exo |
| mhf 09/09/2007 11:20am | Thanks exosceleton. Sorry I didn't reply before but I've been away on a long-awaited holiday break (don't know if it was well-earned though).
Anyway, could you please go through the details of the method you suggest? If it involves uploading the mail.2 folder to a distant server, then that's out I'm afraid. My mail.2 folder isn't that big (85mb) but I'm on dial-up and uploading a file that size would use up most of my monthly allowance ! So could you please explain in detail? Thanks. |
| fret 09/09/2007 9:39pm | If you know what folder it's in your could export all the email as individual .eml files. Click the folder, select all (ctrl+a) and drag the email to a folder in your file system. Then run the scan on that folder removing the virus. But you still have the virus in your folders... not sure how to fix this. |
| exosceleton 10/09/2007 5:50am | if you open the infected eml with some kind of text viewer (notepad) it should be safe, and lets you see the date, sender etc. from this info you could just find the infected email within scribe and delete it. |
| Reply | |