Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

How to localize and delete the attachment from Inbox folder file?

  • 2 답장
  • 1 이 문제를 만남
  • 5 보기
  • 최종 답변자: ptyborow

more options

Hello,

My name is Piotr Tyborowski and I'm the Technical Support Engineer in Doctor Web. I have got such suport request - one of our customers has problem with viruses in Thunderbird's Inbox folder - our antivirus scanner has found two Trojans in one file located in Inbox file and moved the whole Inbox file to quarantine. We know that these files are located here:

>>C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part is ZIP archive C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\KeyDLL.dll - infected with Trojan.KeyLogger.6153 C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\KeyDLL.dll - infected >>>C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - packed by UPX C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - infected with Trojan.Click.27588 C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - infected C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part - infected archive

I'm not very familiar with Thunderbird, so my question is - is is possible to get to this 12145.part file and to delete it permanetly, even with the message which cointains it inside?

Thank you in advance and Best Regards,

Piotr Tyborowski Doctor Web

Hello, My name is Piotr Tyborowski and I'm the Technical Support Engineer in Doctor Web. I have got such suport request - one of our customers has problem with viruses in Thunderbird's Inbox folder - our antivirus scanner has found two Trojans in one file located in Inbox file and moved the whole Inbox file to quarantine. We know that these files are located here: >>C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part is ZIP archive C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\KeyDLL.dll - infected with Trojan.KeyLogger.6153 C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\KeyDLL.dll - infected >>>C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - packed by UPX C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - infected with Trojan.Click.27588 C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - infected C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part - infected archive I'm not very familiar with Thunderbird, so my question is - is is possible to get to this 12145.part file and to delete it permanetly, even with the message which cointains it inside? Thank you in advance and Best Regards, Piotr Tyborowski Doctor Web

선택된 해결법

Piotr,

If it is practical, the absolutely safest approach is to delete the entire profile folder 4dhjzo2v.default while TB is shut down.

If the person is using IMAP, or POP with the option of leaving emails on the server, there should not be a loss of emails (except in local folders).

If there are significant emails in local folders, and they are not infected, they could be exported to a storage medium and later inported to the new profile. There is an add-on to TB which allows import and export of emails in various formats.

The instructions on how to download and install it can be found at http://barryduggan.info/exportMail.php

문맥에 따라 이 답변을 읽어주세요 👍 1

모든 댓글 (2)

more options

선택된 해결법

Piotr,

If it is practical, the absolutely safest approach is to delete the entire profile folder 4dhjzo2v.default while TB is shut down.

If the person is using IMAP, or POP with the option of leaving emails on the server, there should not be a loss of emails (except in local folders).

If there are significant emails in local folders, and they are not infected, they could be exported to a storage medium and later inported to the new profile. There is an add-on to TB which allows import and export of emails in various formats.

The instructions on how to download and install it can be found at http://barryduggan.info/exportMail.php

more options

Hello,

Thank you for answer. The problem is already solved - fortunately the user was able to localize this infected e-mail. She has deleted it, purged TB cache and temp files and after that the anti-virus scanner stopped finding any threats in the system.

Anyway, thank you for your help.

Best Regards,

Piotr Tyborowski Doctor Web