Well that's annoying. Lost my Inbox...

Post #331,666 by Another Scott 8/22/10 2:34:06 PM Reply	Well that's annoying. Lost my Inbox... So I was using Thunderbird to download 5 mail messages via POP. They were received Ok, but there was an awful lot of disk activity and the activity ribbon was stuck at 100%. Hmmm... Then a popup from Symantec Antivirus popped up and said I had a Trojan and it was moved to Quarantine. And my Inbox was now empty. :-( Ok, so I'll let the AV clean it out and be good to go. How hard could it be... Symantec says it can't clean it out because of too many errors in decompressing, or some such thing. :-( I'll be messing around with other things to try to get rid of it, and nothing is critical, but it's annoying to lose a few thousand items in my Inbox. Lesson learned - gotta clean it out occasionally. Cheers, Scott.
Post #331,669 by Andrew Grygus 8/22/10 3:00:23 PM Reply	Symantic? In my experience, if anything actually goes wrong it ties itself into knots. In some cases the only way I've been able to clean up a machine was to uninstall Symantic first. That has taken as long as half an hour because it had the computer all tied up jacking itself off.
Post #331,674 by Another Scott 8/22/10 3:56:34 PM Reply	Yeah... A couple of years ago I had to try to install a newer version of SAV because of some vulnerability. I think it took me about a week to get the old one uninstalled, so that I could install the new one.... :-/ Cheers, Scott.
Post #331,677 by Andrew Grygus 8/22/10 6:06:15 PM Reply	Part of my toolkit is . . . . . a cleanup utility from Symantec that cleans out all the leftover stuff, clears the registry and finishes failed uninstalls. Almost every Symantic uninstall fails at least in part.
Post #331,670 by folkert 8/22/10 3:04:49 PM 8/22/10 3:05:02 PM Reply	Dude.... Stop subjecting yourself to Windows and its problems. When are you going to stop beating yourself up on things like this. I've switch from Evolution to Thunderbird to mutt... all work well with IMAP. Good luck anyway. Edited by folkert Aug. 22, 2010, 03:05:02 PM EDT Expand All History
Post #331,675 by Another Scott 8/22/10 4:03:26 PM Reply	I'm trying. My Opteron desktop/print server running Win2k has been locking up every couple of days. I installed Ubuntu 10.04 on it and have been slowly trying to figure out how to get it in the right Workgroup, etc. (found the info in Chapter 17 of the Ubuntu Server docs, just haven't had a chance to configure Samba yet, etc.). But J's PowerMac found the printers and that's been going Ok. Of course, the Winders machines can't see the printers until I get the Samba stuff configured... But the Opteron still locks up every couple of days, so it's some sort of hardware problem. I've got another box I can use for it, but not the time right now. This T61 running XP also locks up every couple of days if I leave it running, but it's Ok if I let it sleep with the lid closed when I'm done with it. This is the first time (that I recall) that I've had a virus problem with it. Been lucky, I guess. I'm slowly moving things over to Ubuntu, but I can't go cold turkey just yet. :-) Cheers, Scott.
Post #331,671 by scoenye 8/22/10 3:06:56 PM Reply	Any way to tell it not to scan the mail files? (The Inbox lost its contents because Symantec quarantined the whole file.) It may be a bit problematic as Thunderbird doesn't seem to use extensions for the main files. Alternatively, turn off the on-access scanner for now. Restore the inbox from quarantine. You may have to reindex. Delete the suspected message by hand and compact the Inbox. Symantec's AV products have always had difficulties scanning ZIP files. That may be what the other error messages are about.
Post #331,673 by folkert 8/22/10 3:11:43 PM Reply	^^^^ GREAT ADVICE! ^^^^
Post #331,676 by Another Scott 8/22/10 4:10:44 PM Reply	Probably. Yeah, like so many other programs, Thunderbird keeps mailboxes as a single file. One of the things I really liked about PMMail was that it kept each message separate. It made it much easier to fix when something went wrong. I found the Quarantined Inbox mailbox (265kB). I really shouldn't let it get that big.... I tried the standard instructions about booting in SafeMode, running SBS&D and SAV, etc., but nothing fixed the Trojan problem. On rebooting I turned off "File System AutoProtect" and got the Inbox file out of Quarantine. I started up Thunderbird and deleted what I think are the problematic files, and compacted the mailboxes. FSAP is back on, but I haven't run a new scan just yet. I'll start that in a few minutes. I think there's a setting in Thunderbird about incoming AV scanning - I'll check after I do another scan. I'll probably keep incoming scanning on, and just be careful about keeping the size down. Although I get very little mail, I don't want to risk infecting other machines. Thanks! Cheers, Scott.
Post #331,678 by Andrew Grygus 8/22/10 6:11:37 PM Reply	So why aren't you using PMMail then? It's available for Windows. I use it every day - mostly on OS/2, but also on Windows, and I have several clients who have used it on Windows since the days when eMail infections became rampant. The thing I like best about PMMail is the ease and clarity with which you can maintain completely separate email accounts. I run one instance of PMMail for support and it has accounts for 17 client mailboxes. I run another instance for my own 13 mailboxes (at several hosting services).
Post #331,679 by Another Scott 8/22/10 6:35:57 PM Reply	I needed Kerberos authentication. I made the transition from PMMail to Eudora and then to Thunderbird for work. IIRC, PMMail wouldn't work with Kerberos. A few years after I moved from PMMail to Eudora, Eudora stopped being updated, so I went to Thunderbird. It also seems to be in danger of being orphaned, but it's working well at home and work so far. If I started using IMAP it probably wouldn't be an issue, but I'm still mostly on POP and I haven't felt the need to investigate it more. Evolution may be great, but since I've never used an integrated calendar/mail product like Outlook I haven't felt the need to try it out. Cheers, Scott.
Post #331,680 by Another Scott 8/22/10 8:39:28 PM Reply	Got it fixed. After turning off FSAP and moving the Inbox out of Quarantine, I was able to delete the 5 problematic e-mail files and compact the mailboxes. I then did a full scan of C: and SAV found 2 infected files. I was able to delete them, turn FSAP back on, and everything seems Ok now. Thanks all. Cheers, Scott.
Post #331,797 by Another Scott 8/25/10 7:56:41 AM Reply	One more thing - a Thunderbird setting tweak. There's a setting in Thunderbird that lets SAV (or other AV) grab only the infected message rather than the whole Inbox file. Tools->Options->Security->Anti-Virus tab: Check "Allow antivirus clients to quarantine individual incoming messages". I'm still getting trojan attempts, and SAV still takes forever when it finds one, but at least it's not grabbing the whole Inbox now. Cheers, Scott.
Post #331,682 by pwhysall 8/23/10 1:44:11 AM Reply	Get rid of Symantec Replace it with MSE, or Avast!, or just about anything else.
Post #331,685 by Another Scott 8/23/10 6:58:10 AM Reply	I'd love to, but how are they better? I recall trying the free AVG antivirus for a while, but it became nagware and was rather intrusive, IIRC. How are these alternatives better? I gripe about SAV, but it has only caused problems for me a very few times over many years. When it does, I want to pull a Howard Beale, but I don't want to trade one set of rare problems for a larger set. IIRC, you mentioned MS's product in the past, but they still make my skin crawl. ;-) Thanks. Cheers, Scott.
Post #331,687 by pwhysall 8/23/10 7:33:34 AM Reply	Re: I'd love to, but how are they better? They don't fuck up your computer, for a start. And as for MS's AV products; you're on Windows already; hanged for a sheep as a lamb, and all that. MSE is garnering lots of positive press for being light-weight and effective.
Post #331,695 by Another Scott 8/23/10 10:38:28 AM Reply	:-) Thanks. Gotta find something for Win2k though... :-( Yeah, 2k is 11+ years old, I know... Thanks. Cheers, Scott.
Post #331,697 by Andrew Grygus 8/23/10 10:54:14 AM Reply	Re: :-) Thanks. Gotta find something for Win2k though... AVG runs on fully patched and updated W2K. Must be SP4 + patches. I have a number of clients running AVG free (not as many as I have running paid, which is pretty low cost) and they have not been complaining of nagware.
Post #331,701 by Another Scott 8/23/10 11:11:30 AM Reply	Thanks. I'll try it again.
Post #331,721 by scoenye 8/23/10 6:55:55 PM Reply	Take a look at Avast as well We're moving away from Symantec to Avast at work because Symantec is utterly unmanagable on top of not being very good. Avast came out of the pile as the one that ate the least resources, has a decent central management system and picked up most of the current crud. It is free for personal use. AVG was also a consideration but since v8.0 I've had some serious issues with both free and full flavors. Besides starting to slack on updates, one installation became unbootable following every update (AVG 8.5 Internet Security)
Post #331,723 by Another Scott 8/23/10 7:47:12 PM Reply	Thanks for the info. I appreciate it.
Post #331,720 by pwhysall 8/23/10 6:53:54 PM Reply	Time to wave farewell to W2K, I think.
Post #331,724 by Another Scott 8/23/10 7:57:08 PM Reply	If it ain't broke... We've got a lot of old machines at work - some that are still running Win98. (I think we've even got some original IBM PCs still active.) Those ancient boxes aren't on the network, but we have many networked Win2k machines are running and controlling other equipment and "upgrading" them to something later doesn't make sense unless there's no other choice. We've got site licenses for SAV and McAfee so those are the default choices. We can run other stuff, but purchases would have to be justified, etc., etc. Cheers, Scott.
Post #331,725 by static 8/23/10 8:07:38 PM Reply	Where would you suggest next? I, too, have a PC still on W2k. I might have trouble legally shifting it to XP. Vista I dislike (have to use it at work) and Windows 7 I also dislike (editing the songwords on the church PC), overlooking the fact the PC might be able to run them. Not sure why I still have it running, to be honest. I've been Ubuntu on my other PCs for ages. Wade. Q:Is it proper to eat cheeseburgers with your fingers? A:No, the fingers should be eaten separately.
Post #331,737 by pwhysall 8/24/10 1:25:26 AM Reply	Based on recent experience, I'd say Linux Mint. Others will be able to advise on more lightweight distributions.
Post #331,739 by folkert 8/24/10 5:25:32 AM Reply	From what I've seen at Helios... Linux Mint is the distro to go to for lightweight setup. They use it for OLD machines being given to people.
Post #331,729 by Andrew Grygus 8/23/10 8:45:33 PM Reply	Here it's the only Windows machine always running. I use it for customer support, general testing, and it does the initial acquisition, processing and storage for my scanner and digital cameras. I also use it when I actually need flash or other video and multimedia. It works fine - why change it? Of course all the real work, data storage and nearly all the Internet access is done on the (gasp! choke!) OS/2 machines. I have a Windows XP machine I turn on when I really need it (last real need was to run VMware's enterprise admin software which only runs on XP and later), or to prove a point to a software support guy who's being a jerk. Of course I have a couple of Linux machines too, used for development and support. All our computers here were built from cast-offs from clients' Windows upgrades, and they all serve very well indeed.

Welcome to IWETHEY!