Why can't Avast clean my file?

I’m using the email program “TheBat”, which stores emails in database files. During a scan it found a virus in a database file. I asked it to fix it, with no luck. All it does is putting it in the quarantine, which is not acceptable since I then lose several hundreds of emails stored in the database. Repair does nothing to the file either.

I wonder what the problem is here? A virus consist of a sequence of bytes, and it’s a piece of cake to scan a file and delete a known sequence of bytes (if it can detect the virus it must know that sequence of bytes), which in this case will remove the virus. So why can’t it just do that?

repair can only be done to files that are injected with malicious code … most of todays malware can not be repaired as the hole file is malware

I'm using the email program "TheBat", which stores emails in database files. During a scan it found a virus in a [b]database file[/b].
is this a compressed archive ? ...... if so you may try to unzipp it first, then scan the folder and remove infection

what is the full detection message from avast, you may attach a screenshot

And if only the detected code is removed, it will cripple the database making it not usable anyway.

you will find some info here http://lmgtfy.com/?q=How+do+I+clean+a+virus+in+an+e-mail+archive%3F

Thanks for your replies.

Well the database appears to consist of the raw email sources in plain text, each preceded by what looks like a few binary characters. So removing the virus which is probably in a Base64 or whatever encoded attachment would only damage the attachment or mail content itself, which shouldn’t cause any serious problems. The problem is finding the attachment, as there is a lot of them.

I guess the simplest thing would be to leave the file as it is, and exclude it. If I should happen to open the attachment I assume Avast would catch the virus then.

I’ve attached the Avast report if that can help.

Assuming that the email scanner is separated from the file scanner and the exclusion therefore won’t affect it?

Info on the worm
http://virus.wikidot.com/badtrans
http://www.f-secure.com/v-descs/badtrans.shtml
http://www.symantec.com/security_response/writeup.jsp?docid=2001-112410-5327-99

Thanks!