Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Atoma740 on October 19, 2003, 02:04:14 PM
-
when retreiving mail and a infected mail is detected i get the Avast Warning telling me a mail is infected with a virus...so far so good, then when i try to delete the message (tried delete permant or to recycle bin) i get the following message "Avast' : There are no more Files , cannot proces "email"use this patch immediately ! "From Microsoft <security@microsoft.com>, To <my mailadres> \patch exe\patch.exe" file
Tried to reinstall Avast without results.
Anyone any ideas how to solve this ???
-
What mail client are you using? And is this on English or another-language version of Windows?
-
using Windows Xp home Ed. - dutch
Avast 4.0 - dutch
Outlook Express Dutch
I guess the problems must started after trying some other mail-clients like Mozilla Thunderbird, Foxmail, Eudora, but everything is uninstalled.
in the meanwhile i've set OE als default mail client; maybe that solves the problem.
-
Uhm, avast 4 Dutch?? Where did you get it? It has not been officially released yet!
What version is it, exactly? (see the About box).
Thanks Vlk
-
oeps Avast 4.0 build Oct2003 (4.1.280) english version of course.
http://users.skynet.be/bk342901/avasterror.html (http://users.skynet.be/bk342901/avasterror.html)
-
when retreiving mail and a infected mail is detected i get the Avast Warning telling me a mail is infected with a virus...so far so good/quote]
W4, Did Avast provide the name of the virus?
then when i try to delete the message ......... i get the following message "Avast' : There are no more Files , cannot proces "email"use this patch immediately !
[/color]
Apparently, when you clicked Delete, you had to indicate which email to delete. In OE, the window will open the message before sending it into the Delete directory .
"From Microsoft <security@microsoft.com>, To <my mailadres> \patch exe\patch.exe" file
This worries me. Microsoft is not in the habit of emailing users with patches! There have been phony emails containing the MS header which are actually virus transmissions.
Tried to reinstall Avast without results.
Why did you uninstall Avast? What AV do you now have installed?
It is most important, that you run a full system scan.
You can use online scanners for now to make sure you system is clear of any and all virii.
(www.panda.com or www.kaspersky.com are 2 that I have used successfully)
techie :)
-
1/ yep avast provides a name for the virus Win32:Dumara-H[Wrm]
2/ i can't see the mail until i ignore to take action on the virus. Then the mail is coming in (uncleaned) and manually have to remove the mail from the inbox.
3/ the mail is not comming from MS itself, like you said, it's always a phony email adress
4/ installed Avast4 again. did a scan of the system and seems to be clean.
I'll try one of those online scanners to get a second opinion.
-
W4,
Actually, the correct name is Dumaru.? (?=various variant designations a/b/c etc.)
It ends processes belonging to antivirus programs, firewalls and system monitoring tools. It drops a backdoor Trojan on the affected computer.
To be sure it has been removed, you can download the free removal tool from Symantec:
http://securityresponse.symantec.com/avcenter/tools.list.html (http://securityresponse.symantec.com/avcenter/tools.list.html)
(OR)
the Stinger from McAfee:
http://us.mcafee.com/virusInfo/default.asp?id=stinger (http://us.mcafee.com/virusInfo/default.asp?id=stinger)
then read this article from McAfee.....Sound familiar?
http://us.mcafee.com/virusInfo/default.asp?id=helpCenter&hcName=dumaru (http://us.mcafee.com/virusInfo/default.asp?id=helpCenter&hcName=dumaru)
Good luck,
techie
-
problem still isn't solved. >:(
tried stinger from McAfee and the removal tool from Symantec. the system is clean of viruses. Also did a scan with the online scanner from Bitdefender. No virus was found.
Guess i'll have to switch to another virusscanner :'( (at least until the next reinstall of Xp) Anyone any experience with AVG or Antivir H+BEDV ? Wich one is the most reliable ?
-
W4,
What problem are you still having? I thought you had successfully removed the virus?
If so, wasn't the "alert" the problem?
I am not sure what problem you now want us to solve. ???
Can you explain? I'm sure we can help.
As for an anti-virus program, I have found AVG by Grisoft reliable in W98, ME and XP systems. Its' virus detection rate cannot compare with Avast, but it does have a resident email scanner. The free version does not have the auto update feature that Avast uses.
You can review Virus Bulletin's data on most anti-virus programs if you wish before selecting www.virusbulletin.com
techie
-
when retreiving mail and a infected mail is detected i get the Avast Warning telling me a mail is infected with a virus...so far so good, then when i try to delete the message (tried delete permant or to recycle bin) i get the following message "Avast' : There are no more Files , cannot proces "email"use this patch immediately ! "From Microsoft <security@microsoft.com>, To <my mailadres> \patch exe\patch.exe" file
Tried to reinstall Avast without results.
Anyone any ideas how to solve this ???
avast! have solved your virus infection as I can see...
Remember what techie said, Microsoft does not send email with patches!
This is actually a kind of virus transmission. ;)
-
Never said i had a virus on the system, the problem is that i can't delete mails that are intercepted with Avast Mail scanner. I took some screenshots so it may be more clearly now where the problem is.
http://users.skynet.be/bk342901/avasterror.html (http://users.skynet.be/bk342901/avasterror.html)
-
Never said i had a virus on the system, the problem is that i can't delete mails that are intercepted with Avast Mail scanner. I took some screenshots so it may be more clearly now where the problem is.
http://users.skynet.be/bk342901/avasterror.html (http://users.skynet.be/bk342901/avasterror.html)
avast! will have the following behavior (depending of your settings):
1. If just the attach is infected, it will be deleted (if you set so) and a not will be posted in the body of the message (see your pictures).
2. If both attach and body are suspiciuos, you will be prompted do delete all the message (body and attach).
If I'm wrong, avast! team will correct me.
In Professional version, this settings could be fully configurated. In Home, some of them are default. ;)
-
when retreiving mail and a infected mail is detected i get the Avast Warning telling me a mail is infected with a virus...so far so good, then when i try to delete the message (tried delete permant or to recycle bin) i get the following message "Avast' : There are no more Files , cannot proces "email"use this patch immediately ! "From Microsoft <security@microsoft.com>, To <my mailadres> \patch exe\patch.exe" file
Tried to reinstall Avast without results.
Anyone any ideas how to solve this ???
That happened to me just a few minutes ago ???, and it was with an email infected with Dumaru-A. When I choose delete, i received the same error message saying "There are no more Files" :(
If anybody wants the file to make tests, I can send it :)
Cheers, and sorry for my bad english.
-
Hi guys,
please send problematic e-mails to sedina@asw.cz. I will check it and find where is the problem... One note: do you choose operation on e-mail immediately after the message in shown or there is some time-delay (e.g. 5 minutes)?
thanks!
pavels
-
W4,
Thank you for the screenshots, but I do understand your problem. Certain possiblities exist to explain this behavior:
1. Avast DID delete the virus successfully. Avast went after the source....(the attachmentJ), not the message itself.
2. Avast stopped the download of the portion of the attachment containing the virus itself.
May I ask...Does your email client still show an attachment symbol with the suspect email?
This is just a thought....In Outlook Express you can set OE to PREVENT opening of email containing a potentially dangerous attachment?
Avast will be able to scan it (obviously since it detected it), but may not be able to delete it. Avast could consider it a passworded/protected file.
Also, when this first occured, did you try to MOVE the virus to the Chest at all? If so, what happened?
Sorry for the questions, but I am looking for some clues as to what direction to follow next.
Techie ::)
-
One note: do you choose operation on e-mail immediately after the message in shown or there is some time-delay (e.g. 5 minutes)?
thanks!
pavels
I choose the operation immediately after avast! tell me that the message is infected.
Lito.
-
Lito, I have the same trouble of you sometime ago...
It was not a virus, but just a suspicious attach with extension .exe.
It was not infected but I receive a message without the attach.
Few minutes later I receive the entire message. This is why pavels ask you about the delay (I suppose).
Techie is absolutely right... Could you answer his questions?
In Outlook Express you can set OE to PREVENT opening of email containing a potentially dangerous attachment?
Did you try to MOVE the virus to the Chest at all? If so, what happened? ;)
-
May I ask...Does your email client still show an attachment symbol with the suspect email?
Yes, and if I open the message I can see the infected attachment. But if I save the eml file and I scan it with ashquick I can delete de infected attachment inside the eml.
This is just a thought....In Outlook Express you can set OE to PREVENT opening of email containing a potentially dangerous attachment?
Avast will be able to scan it (obviously since it detected it), but may not be able to delete it. Avast could consider it a passworded/protected file.
Also, when this first occured, did you try to MOVE the virus to the Chest at all? If so, what happened?
I tried to move the virus to the chest and avast said again: "There are no more files". Also I'm not using that option on my OE.
Cheers and thank you to Pavel, techie and technical for their help ;).
-
The only other suggestion I have left is for you to go into the Tools/Options/Maintenance.
Use the CleanUP Now button.
This should clear out all downloaded messages from the email client.
Make copies of whatever is important, or copy them to a folder OUTSIDE of the email client.
You may also wish to check "Delete msgs in the Delete
folder upon exit"
Were you at all successful in attempting to delete the message after starting in Safe mode?
Techie
-
Hi again. Why I would need to do that? The only problem that I have is with the mail scanner that cannot delete the infected attachmet on this specific email; avast! mail scan is still working perfect and also I can delete the file manually but it would be nice if avast could get ride of it itself
Anyway techie, can I send you this problematic file to see if your mail scanner can do something?
Thank you again. Bye.
-
Lito,
Send the problematic files to sedina@asw.cz and the file will be examined to see what can be done.
If you still show the "infected" email attachment, clearing the downloaded email should take it out. That is why I gave you that option.
If you can Delete the msg directly in the email client, then after sending the file, do so.
I just want to get something cleared up.....Its important.
You said the Avast scanner works fine. But has Avast deleted other infected files? or is this the only one which it seemed to have difficulty?
Avast will come up with a solution for this little "bugger".
techie ;D
-
When retreiving mail and a infected mail is detected i get the Avast Warning telling me a mail is infected with a virus...so far so good, then when i try to delete the message (tried delete permant or to recycle bin) i get the following message "Avast' : There are no more Files , cannot process "email".
.
.
.
The mail scanner that cannot delete the infected attachmet on this specific email; avast! mail scan is still working perfect and also I can delete the file manually.
Did you send the file to sedina@asw.cz ?
This seems to be a bug... ;) As I can see from your posted pictures...
Sometimes with eicar.com test files the 'delete' function only works if you send the file to Recycle bin. Maybe the bug prevents the deletion the file because it is in use (by Outlook) but I'm not sure.
Does avast deleted other infected files?, as techie asked you
Did you perform a complet scan in your system after the infection and before the email deletion? What were the results?
Here we need a powerful help, we reach the end of users' knowleadge... :'(
-
All right folks, this was caused by the fact the file was packed by UPX. It should be fixed now.
Watch for the today's update.
-
Yep, I sent the file to Pavel :), and he answered me today ;D. He told me the same of Vlk post. You know, avast! support is great :D :D :D :D
Cheers and let's wait for the update.