How to clean virus-infected files ?
Scot L. Harris
webid at cfl.rr.com
Mon Jun 28 13:56:00 UTC 2004
On Mon, 2004-06-28 at 07:16, Alberto M R Davila wrote:
> Thanks Charles,
>
> But... I have also viruses in my evolution mbox files:
>
> > //home/mine/evolution/local/KBD/mbox: Exploit.IFrame.Gen FOUND
> > //home/mine/evolution/local/2002/mbox: Exploit.IFrame.Gen FOUND
> > //home/mine/evolution/local/2003/mbox: Exploit.IFrame.Gen FOUND
>
> If anyone has "any" further tip, please kindly let me know.
>
> Thanks.
>
This is one problem with the mbox format. To find the specific message
that has the infection you may be able to search the mbox file for the
name listed above "IFrame.Gen" or some variation of that. Hopefully
that is in clear text in the message. Use something like vi to locate
that in the mbox file then look around that area until you identify the
header of the message, subject, date, sender, etc.
If it is not in clear text then you will need to find out what the
fingerprint of the virus is (should be in the clamv sources) and search
for that.
Then go into your email client locate the message you found based on the
info above and delete that message.
I have not tried this but that is about the only way you are going to
find the individual message in an mbox format. If maildir format was
used then each message would be in a separate file and this would be
easier to deal with.
--
Scot L. Harris
webid at cfl.rr.com
"I'm a bastard, and proud of it !"
- Linus Torvalds
More information about the fedora-list
mailing list