i am new here and i really need you guys to give me some advise here, as i could not move, rename or delete the trj i which my avast detected from a email.
How was it detected? What was scanning, you yourself or the back-ground scanner?
When did the message occur on a download, unzipping, opening a file, mail or mail-attachment, etc.?
** The virus detected during I retrieving emails from outlook 2007. It detected a virus called
“win32:Lnkget [trj]”.
** However, I was not able to perform any option, such as move to chest, rename, delete, etc.
What was the source of the file, where did the file come from?.: e.g. address, URL, source.
** The source is come from a personal email address from my friend.
When was it downloaded or received?
** It was received on Apr-05-2009
What is the exact file name with extension.
** The file is under directory : outlook\outlook.pst\ … *.ink
What was the exact wording of the message that the AV program came up with? This is important for later.
** 1. error occurred during moving file to chest
** 2. error occurred during file deleting
Now go back and do nothing yet. Scan the particular file once again with your AV product.
A. The message is in the same wording: maybe positive alert
** The wording is the same when i use by thorough scan, how ever no result on standard scan with
zero infected item.
B. If the message is not in the same wording or the scan does not find up anything this could be a false positive.
Check with an on line scanner or update to jotti for a second opinion. Jotti resides at http://virusscan.jotti.org/
Go get informed ask a Virus Encyclopedia or Virus Central, put a question on a forum.
** I could not find any thing on VE or VC, but I put up on my local forum for help.
Make an informed decision on the basis of what you have found.
** A serious virus is detected … which I need help from you guys.
Inform others about what you have learned, if the file came from a reliable source, author, programmer
etc. send a friendly e-mail with your findings. This will help us all.
Exercise extreme care or you could lose your .pst file with all associated emails, somewhere in the outlook1.pst file is an infected email, trying to extract it is delete it could result in corruption or loss of the outlook1.pst file. That is why avast either can’t or is reluctant to move it.
So I wouldn’t allow avast to even try to remove it.
The detection should provide some information like the email Subject and this may help you to try and find the infected email manually inside MS Outlook, where you can delete it and then empty the deleted items folder in Outlook.
It would probably be best not to actually scan the .pst files, exclude them from on-demand scans. Using the avast Program Settings, Exclusions enter the path to the outlook folder and add this *.pst after it to exclude pst files from on-demand scans.
e.g. c:\program files\outlook*.pst obviously you have to enter the full path to the outlook folder.
thankz davidr for your advise … i think i make couple stupid mistakes here!
i open up the mail accidentally … and
i have already deleted the mail from my outlook
my point is this, beside actually delete my outlook.pst totally …
could avast doing something for me instead, like not leaving the trj in outlook.pst
or delete it particularly.
If you opened the email accidentally, I would think that avast would alert, this would give you enough information on which email is infected to be able to a) take no action on the avast alert and b) be able to find it an manually delete it within Outlook as I mentioned.
If you have already deleted the email from your Outlook and everything is functioning as normal then there is no problem.
The infection is more likely to be in the form of an infected attachment so as long as you don’t open that you should be OK.
Since avast isn’t alerting on the outkook1.pst but an infected email within it (as your image shows) then avast wouldn’t be trying to move or delete the outlook1.pst, but the act or removing an infected email from within the .pst file could corrupt it. That would effectively mean that Outlook would be unable to open the .pst file so you couldn’t access the remaining email on it.
Outlook when it comes across a corrupt pst file in this way, I believe it would create a new .pst file, so that new pst file would be empty making you believe the emails were all gone. It is possible with some tools to find the original corrupt pst file and extract data from it./ I don’t use MS Outlook (only express) so I have no experience of these tools.
You should however, be backing-up your data on a regular basis and this includes your .pst files, if you don’t lose it then back it up.