Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected Email Attachment Scan & Remove Software


  • Please log in to reply
11 replies to this topic

#1 SpyCatcher*

SpyCatcher*

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:hi
  • Local time:03:14 PM

Posted 11 September 2013 - 01:32 PM

Is there any advanced program that can scan for and delete already present infected email attachment?

 

Thanks


in the middle of the night

i found my self awake

floating in a void

i was so happy

and realized was not alone


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:14 AM

Posted 11 September 2013 - 07:52 PM

Is That Email Attachment Clean or Infected with some Virus ?

avast! Free Antivirus Mail Shield scans messages and attachments in E-mail/Microsoft Outlook/Exchange for viruses.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 SpyCatcher*

SpyCatcher*
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:hi
  • Local time:03:14 PM

Posted 12 September 2013 - 09:04 AM

Hi Quietman7 and thanks for your reply :)

 

Avast is my resident AV; so when I saw the warning in my Outlook I checked on the Mail Shield settings in Avast, but they were alright; however the Sensitivity level was as originally configured on Normal. So I set it on High and did a complete scan, but it came clean.  

 

Is Avast the only standalone program for resolving mail attachments security problems?

 

I’m tempted to forward the email as instructed in this wonderful link; it sounds a great and quick solution, but I’ve some reservations about doing that because the suspicious attachment is my Curriculum Vita which was included in a reply from a work place, on my personal Outlook on my own laptop at home. My full name, address and tel. number are included in the cv, plus of course all the other cv's info. So I’m wondering:

 

what would happen with my sensitive information, if I went a head with forwarding?

 

Whether forwarded email inclusive the attachment will be archived in virustotal.com servers?

 

If I or the sender would be receiving unsolicited emails, e.g. from the security vendors on virustotal?

 

Do you think there is already damage done, just by opening the message (not the attachment) and reviewing the written text?

 

 

Probably too many questions   :busy:  I do understand though that there are not always as many answers; but its better to be cautious.  

 

Thanks always for your great answers  :thumbsup2: 

 

 


in the middle of the night

i found my self awake

floating in a void

i was so happy

and realized was not alone


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:14 AM

Posted 12 September 2013 - 09:42 AM

Is Avast the only standalone program for resolving mail attachments security problems?

I'm sure others do but you would have to read their user manuals.

what would happen with my sensitive information, if I went a head with forwarding?
Whether forwarded email inclusive the attachment will be archived in virustotal.com servers?

You would need to Contact virustotal.com and ask them. This is their Privacy policy.

Do you think there is already damage done, just by opening the message (not the attachment) and reviewing the written text?

Probably not...usually when a computer is infected with malware there will be indications (signs of infection) something is wrong.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 SpyCatcher*

SpyCatcher*
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:hi
  • Local time:03:14 PM

Posted 12 September 2013 - 12:01 PM

Thanks again!

 

I’ll be reviewing their private policy and will see if its ok to do the scan.

 

I’ve already searched the web under what I consider appropriate search terms, but I got no effective results.

 

As for any sign of infection, I’ll be reading your link; but I have some suspicion:

 

My laptop is 100% silent due to a very recent hardware cleaning. But I remember very well after opening the message (not the attachment) I began to hear a very subtle noise indicating that the hdd is busy. I’m pretty sure this didn’t happen after the cleaning, but I began to hear it most of the time since the moment I opened the message; everything else is working great.

 

I scanned with MBAM & SAS and they both were clean.


in the middle of the night

i found my self awake

floating in a void

i was so happy

and realized was not alone


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:14 AM

Posted 12 September 2013 - 12:05 PM

Try doing an online scan to see if it finds anything else that the other scans may have missed.

Please perform a scan with Eset Online Anti-virus Scanner.
If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
Vista/Windows 7/8 users need to run Internet Explorer/Firefox as Administrator.
To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
  • Click the green esetOnline.png button.
  • Read the End User License Agreement and check the box:
  • Check esetAcceptTerms.png.
  • Click the esetStart.png button.
  • Accept any security warnings from your browser and allow the download/installation of any require files.
  • Under scan settings, check esetScanArchives.png and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan can take some time to complete...close all programs and do NOT use the computer while the scan is running.
    If given the option (when threats are found), choose "Quarantine" instead of delete.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop as ESETScan.txt.
  • Push the esetBack.png button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply. If no threats are found, there is no option to create a log.
-- Note: If you recognize any of the detections as legitimate programs, it's possible they are "false positives" and you can ignore them or get a second opinion if you're not sure. Eset's detection rate is high and can include legitimate files which it considers suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not the case. Be careful what you choose to remove. If in doubt, ask before taking action.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 SpyCatcher*

SpyCatcher*
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:hi
  • Local time:03:14 PM

Posted 12 September 2013 - 01:36 PM

Thanks millions time!

 

I’ll be scanning with Eset and will post if anything found or not.

 

 


in the middle of the night

i found my self awake

floating in a void

i was so happy

and realized was not alone


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:14 AM

Posted 12 September 2013 - 01:40 PM

Not a problem.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 SpyCatcher*

SpyCatcher*
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:hi
  • Local time:03:14 PM

Posted 13 September 2013 - 10:02 AM

I read virustotal private policy and concluded for privacy reasons its not a good idea to post the attachment; otherwise was it a great option.

 

I also read your link about “signs of infections” and fortunately non of the mentioned symptoms apply to my laptop.

 

I scanned with Eset as you said but it found nothing. 

 

So, I’m wondering now what to do next! Do you have any more suggestions? 

 

Thanks

 

 


in the middle of the night

i found my self awake

floating in a void

i was so happy

and realized was not alone


#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:14 AM

Posted 13 September 2013 - 05:37 PM

I would monitor your system closely for the next few days.

I can only go by what the scan logs show (what was detected, removed, suspicious, etc) and your description of whatever signs or symptoms of infection you are experiencing. If you want a more detailed look at your system, then more advanced tools are needed to investigate. Before that can be done you will need to follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running DDS which will create two logs.
When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 SpyCatcher*

SpyCatcher*
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:hi
  • Local time:03:14 PM

Posted 14 September 2013 - 07:30 AM

Thanks Quietman7 for all of your great assistance :thumbsup2:

 

I’ll be getting things ready as you said in your post and will place a new topic in the mentioned forum. I hope today!

 

 

 


in the middle of the night

i found my self awake

floating in a void

i was so happy

and realized was not alone


#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:14 AM

Posted 14 September 2013 - 07:48 AM

You're welcome and good luck.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users