Ridding a Thunderbird Inbox file of a threat

I am running Avast 4.8 Home under Windows 7. A week or so ago I ran the Kaspersky Online Scanner and it found two instances of the same threat…trojan-spy.html.fraud.gen…in two Thunderbird Inbox files. If I watch as Kaspersky scans, I can see the scanner stop at the suspicious files and see the following: in one of the inbox files, it says: “Inbox//[From WILL…se Bank Scam!!]/html” and in the other inbox file it says: “Inbox//[From Com…Commerce Bank!]/html”. Searching messages from within Thunderbird does not locate the offending messages.

I ran a complete Avast thorough scan and I believe it identified the two instances and they were identified as “file parts” and then long numbers after that. However, Avast would not let me delete the parts or move them to the Chest or anywhere, for that matter.

It has been suggested to just delete the entire Inbox files which contain the threats, but that would mean the loss of hundreds of messages that I need to keep. I am looking for a way to just remove the two messages which I believe must contain the problem. I felt I was getting closer when Avast identified those two “parts”, but then how to remove the “parts”?

I will certainly appreciate any help…I love Avast and hope someone has the answer.

> However, Avast would not let me delete the parts or move them to the Chest or anywhere, for that matter.

Did you try the avast boot scan?

Boot time Avast Antivirus Scanning
http://www.digitalred.com/avast-boot-time.php

You can also try running these in safe mode:
Dr.Web CureIt http://www.freedrweb.com/cureit/?lng=en
How Do I Use Dr.Web CureIt!? http://www.freedrweb.com/cureit/how_it_works/
Norman Malware Cleaner http://www.norman.com/support/support_tools/58732/en

I tried the Avast boot-time scan and it did not identify the two file “parts” that I had seen before. I then tried Dr. Web Cure It and neither did it find the trojan-spy.html designation while running in safe mode. I am about to try the Norman Malware Cleaner, but I am discouraged that Kaspersky keeps identifying the files and nothing else seems to know where they are or how to get rid of them.

It is downright risky letting any AV remove an infected email from within an email folder, as they aren’t actually folders but files containing multiple emails, and removing one could corrupt the file with the loss of the other emails.

That is, I believe, why avast wouldn’t do it. What was the error message given when trying to do this?
I suspect something like “unsupported archive”, or similar wording.

The above are general comments; as I don’t use Thunderbird, I can’t advise a practical way of finding it manually and removing it.
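An added example, not from any poster in this thread: because a Thunderbird folder such as Inbox is a single mbox file holding many messages, one message can be dropped by rewriting the file message by message rather than cutting bytes out of it. The sketch uses Python's standard `mailbox` module on a constructed sample; the search term and file names are assumptions, and it also reports the X-Mozilla-Status expunged bit (0x0008), which Thunderbird sets on messages that were deleted but stay in the file until the folder is compacted.

```python
import mailbox, os, tempfile

EXPUNGED = 0x0008  # X-Mozilla-Status bit: deleted in Thunderbird, still in the file until compaction

# Constructed sample mbox (not taken from the thread): three messages, the second already deleted.
SAMPLE = (
    b"From - Mon Jan  4 10:00:00 2010\nX-Mozilla-Status: 0001\n"
    b"Subject: Meeting notes\n\nkeep me\n\n"
    b"From - Mon Jan  4 10:05:00 2010\nX-Mozilla-Status: 0009\n"
    b"Subject: Example Bank account notice\n\n<html>constructed lure</html>\n\n"
    b"From - Mon Jan  4 10:10:00 2010\nX-Mozilla-Status: 0001\n"
    b"Subject: Invoice\n\nkeep me too\n\n"
)

def flags(msg):
    """Parse the hex X-Mozilla-Status header; treat a missing or malformed one as 0."""
    try:
        return int(str(msg.get("X-Mozilla-Status", "0")).strip(), 16)
    except ValueError:
        return 0

def scan(path, needles):
    """Return (key, subject, expunged) for each message whose Subject contains a needle."""
    box = mailbox.mbox(path, create=False)
    try:
        return [(key, str(msg.get("Subject", "")), bool(flags(msg) & EXPUNGED))
                for key, msg in box.iteritems()
                if any(n.lower() in str(msg.get("Subject", "")).lower() for n in needles)]
    finally:
        box.close()

def write_cleaned_copy(src, dst, needles):
    """Write every non-matching message to dst and return how many were kept; src is untouched."""
    drop = {key for key, _, _ in scan(src, needles)}
    inbox, out = mailbox.mbox(src, create=False), mailbox.mbox(dst)
    try:
        kept = [out.add(msg) for key, msg in inbox.iteritems() if key not in drop]
    finally:
        inbox.close()
        out.close()
    return len(kept)

def demo():
    """Run both steps on the constructed sample inside a temporary directory."""
    with tempfile.TemporaryDirectory() as d:
        src, dst = os.path.join(d, "Inbox"), os.path.join(d, "Inbox.cleaned")
        with open(src, "wb") as f:
            f.write(SAMPLE)
        words = ["example bank"]  # constructed search term
        return scan(src, words), write_cleaned_copy(src, dst, words), scan(dst, words)
```

Run it against a copy of the folder file with Thunderbird closed. Messages flagged as expunged no longer appear in Thunderbird's message list, and compacting the folder removes them from the file as well.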

I think I will let Avast do another scan during the night tonight and see if I can get the information of the affected files. In the meantime, in response to the suggestion, when trying to run Norman Malware Cleaner in safe mode, I get the following: “Unable to load nsak.sys Error (0x00000001)”, and the program will not run.

Does Kaspersky Online detect fraud/scam email? I don’t think Avast has this function since it only detects viruses and other malware (I don’t think fraud/scam/phishing etc. are included in malware, because we can notice them so simply and remove them manually while offline).

I don’t know if fraud email now has a virus signature on it.

My Thunderbird used to remove fraud/scam email automatically to the Junk folder - then I just delete them manually - finished.

Hi Cahya,

Fraud/scam/phishing mail is only detected or analyzed by the anti-spam feature of avast 5 Internet Security or other anti-spam features.

But sometimes fraud/scam/phishing mail contains a malware or virus file attached, so avast is able to detect it.

Our office has experienced this before, since so much spam is sent by spammers to our office. Then avast detected it and gave our user a warning.

So my assumption is that scam/fraud/phishing mail is only analyzed by anti-spam features, unlike viruses or malware, which are only detected by the AV engine.

Hmm… I have not yet had a chance to try the AIS :) so I don’t know how it really works :D

Is there any chance to upgrade my subscription? He he :)

Regards,
Cahya.