[clamav-users] Malware in an Icedove profile of mine cannot be located
amenex at amenex.com
amenex at amenex.com
Tue Aug 18 08:26:05 EDT 2015
After working out a good method of accessing multiple Icedove
multitudes of emails into one grand file system, and then finding one
email that insinuates itself into any folder into which I move found
finding that I cannot get rid of the payload that's causing this behavior.
I did find several copies/versions of the email and then moved them
into a holding
folder, but even though they seem to be isolated there, every time I
and then move anything else within the rest of the email file system,
a new copy
of that nasty little email finds its way into the destination folder.
I have saved the sourcecode of the original phishing email in several
copies of the offending email, which I had received and then reported
in 2005, and I can quickly locate all the new copies of the nasty email by
searching on its 12/31/1969 date and then deleting them, which consist of just
a date with no headers and no text body, but the propagation still
when the offending emails are "isolated" in a Malware folder. Even after
completely removing the isolation folder onto a thumb drive, the insinuations
recur whenever I use the search function in an email folder to find
and then move
the target emails into a destination folder.
I installed ClamAV and ClamTK and then scanned my entire Home
but nothing was found in my main Icedove profile, and the behavior
If I do a Google search on a portion of the phish's subject line, I
get a large
number of hits identifying the emails as phishes.
Here is that subject line:
> eBay New Message Received from Seller for Item#330082756410
While I was sorting files into my main mail file system, I noticed
could not accurately count the number of emails in the source folder,
fluctuated up and down. I had combined emails from several other
profiles into that one folder, however. Other source folders were
In a test profile, I deleted the folder and contents of the offending
also deleted the one blank email with its 12/31/1969 date from the
after moving files into it, and when I tried that again after no known
of the offending email could be found with the search function, the
stopped. However, when I repeated this exercise with the much bigger
I could not get rid of the insinuations. However, I did find that they
propagated by selecting & moving the emails from within the source
folder into a
target folder; only search & move performed the propagation.
Can anything be done about this ?
More information about the clamav-users