為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

How to localize and delete the attachment from Inbox folder file?

  • 2 回覆
  • 1 有這個問題
  • 29 次檢視
  • 最近回覆由 ptyborow

more options

Hello,

My name is Piotr Tyborowski and I'm the Technical Support Engineer in Doctor Web. I have got such suport request - one of our customers has problem with viruses in Thunderbird's Inbox folder - our antivirus scanner has found two Trojans in one file located in Inbox file and moved the whole Inbox file to quarantine. We know that these files are located here:

>>C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part is ZIP archive C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\KeyDLL.dll - infected with Trojan.KeyLogger.6153 C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\KeyDLL.dll - infected >>>C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - packed by UPX C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - infected with Trojan.Click.27588 C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - infected C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part - infected archive

I'm not very familiar with Thunderbird, so my question is - is is possible to get to this 12145.part file and to delete it permanetly, even with the message which cointains it inside?

Thank you in advance and Best Regards,

Piotr Tyborowski Doctor Web

Hello, My name is Piotr Tyborowski and I'm the Technical Support Engineer in Doctor Web. I have got such suport request - one of our customers has problem with viruses in Thunderbird's Inbox folder - our antivirus scanner has found two Trojans in one file located in Inbox file and moved the whole Inbox file to quarantine. We know that these files are located here: >>C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part is ZIP archive C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\KeyDLL.dll - infected with Trojan.KeyLogger.6153 C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\KeyDLL.dll - infected >>>C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - packed by UPX C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - infected with Trojan.Click.27588 C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part\svhosts.exe - infected C:\Users\Renatrix\AppData\Roaming\Thunderbird\Profiles\4dhjzo2v.default\Mail\Local Folders\Inbox.sbd\Konto WP\12145.part - infected archive I'm not very familiar with Thunderbird, so my question is - is is possible to get to this 12145.part file and to delete it permanetly, even with the message which cointains it inside? Thank you in advance and Best Regards, Piotr Tyborowski Doctor Web

被選擇的解決方法

Piotr,

If it is practical, the absolutely safest approach is to delete the entire profile folder 4dhjzo2v.default while TB is shut down.

If the person is using IMAP, or POP with the option of leaving emails on the server, there should not be a loss of emails (except in local folders).

If there are significant emails in local folders, and they are not infected, they could be exported to a storage medium and later inported to the new profile. There is an add-on to TB which allows import and export of emails in various formats.

The instructions on how to download and install it can be found at http://barryduggan.info/exportMail.php

從原來的回覆中察看解決方案 👍 1

所有回覆 (2)

more options

選擇的解決方法

Piotr,

If it is practical, the absolutely safest approach is to delete the entire profile folder 4dhjzo2v.default while TB is shut down.

If the person is using IMAP, or POP with the option of leaving emails on the server, there should not be a loss of emails (except in local folders).

If there are significant emails in local folders, and they are not infected, they could be exported to a storage medium and later inported to the new profile. There is an add-on to TB which allows import and export of emails in various formats.

The instructions on how to download and install it can be found at http://barryduggan.info/exportMail.php

more options

Hello,

Thank you for answer. The problem is already solved - fortunately the user was able to localize this infected e-mail. She has deleted it, purged TB cache and temp files and after that the anti-virus scanner stopped finding any threats in the system.

Anyway, thank you for your help.

Best Regards,

Piotr Tyborowski Doctor Web