Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: cape on February 12, 2004, 01:22:12 AM

Title: AVAST and Outlook Express
Post by: cape on February 12, 2004, 01:22:12 AM

I recently installed AVAST antivirus and ran a full system scan. The full system scan detected a virus on the incoming dbx file of outlook express. I decided to open outlook express and check every message with attachment (I set the level of email scanner to high).

I opened email by email, but none of them set of the alarm. How do I know which email is infected?

The log sent by the system is the following:

11.02.2004 13:38:58   INFORMATICA01\Carlos P   4012   Sign of "JS:Seeker-Ie [Wrm]" has been found in "C:\Documents and Settings\Carlos P\Configuración local\Datos de programa\Identities\{241C9760-8ABC-4882-8C7C-57DA0326629C}\Microsoft\Outlook Express\Bandeja de entrada.dbx" file.

Where Bandeja de Entrada is my incoming mail folder.
How can I fix this?

Title: Re:AVAST and Outlook Express
Post by: Culpeper on February 12, 2004, 02:28:21 AM

Send the virus to the virus chest.  The Alwil staff may ask to look at it.

Title: Re:AVAST and Outlook Express
Post by: cape on February 12, 2004, 06:22:07 AM

Too big, for comfort. I will try to make it smaller.

Title: Re:AVAST and Outlook Express
Post by: Culpeper on February 12, 2004, 06:23:05 AM

From the virus chest you can send it to Alwil.  Check out the virus chest menu.

Title: Re:AVAST and Outlook Express
Post by: Vlk on February 12, 2004, 07:37:45 AM

This particular virus won't be in an attachment - it will be in the HTML body of a mail itself.

Unfortunately, avast cannot "unpack" files of type of DBX, neither can it scan OE messages on-access once they're already in the mailbox. So -- there's no easy way to get rid of it.

You can try moving junk mail to a different folder and compacting the inbox. The Js-Seeker mail should look like a junk mail (it's event possible that you've already deleted the mail and mere comacting of the problem would delete it from the dbx file).

Hope this helps,
Vlk

Title: Re:AVAST and Outlook Express
Post by: cape on February 12, 2004, 04:02:22 PM

I moved the email from the inbox to a different folder. It didn't work, and now I have the dbx file on the virus chest. Anyway, I will try to create a new inbox folder.

Title: Re:AVAST and Outlook Express
Post by: cape on February 12, 2004, 04:03:55 PM

BY the way, the Inbox file is about 150 MB (even when empty). So sending it for analysis isn't an option.

Title: Re:AVAST and Outlook Express
Post by: cape on February 12, 2004, 07:46:39 PM

Problem Solved.

Title: Re:AVAST and Outlook Express
Post by: cape on February 12, 2004, 07:54:18 PM

I moved all the email to temporary folders. Logged out of Outlook Express, deleted the Inbox. Logged back in Outlook Express, and it created a new Inbox free of virus. The I start sorting my emails, until I found the one the set off the alarm, deleted it, moved the email back to the Inbox, deleted the temporary folders, and Avast no longer detected any virus. The email message had no attachment, and was created using an Outlook Express Template.