Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Help please in getting rid of a rouge email


18 Jan 2014   #1

Windows 7 Home Premium x64
 
 
Help please in getting rid of a rouge email

I have ' MSE', 'Malwarebytes Pro' and' IoBit Malware Fighter', all running in real time and all apparently in harmony on my Windows 7 system.
I use Windows Live Mail as my email client which collects my mail from (amongst others) VirginMedia which is my ISP.
I recently received a dodgy email with a zip file attachment containing a virus (W32/Krap.A!tr)
One of my antivirus/malware programmes appears to have neutralised the virus in the attachment and left a comment to that effect at the bottom of the email. Needless to say, I have not tried opening the attachment
The email was an obvious phony ......"Regarding your recent Amazzon (note the spelling) Order ....... see details in the attached".

I have scanned my system with the three above anti malware programmes together with 'Malwarebytes' Root Kit scan, 'Hitman Pro' and 'Microsoft's Malicious Software Removal Tool' in the hope that they would spot the offending email and delete it. All have come back clean - no threats found. They are probably not finding it because it has been nuked by my one of my security programmes.
I have further checked the email by uploading it to PhrozenSoft VirusTotal Uploader (a cloud antivirus checker) who state that it is safe. Problem is that I have no way of knowing if their checking includes the attachment.
No abnormal behaviour on my computer so I assume that I am safe from the virus
However, try as I might I cannot delete the email and its attachment.

It shows in a folder called 'All Mail' in Windows Live Mail. If I select it and try to delete, it disappears for a few seconds and then either, reappears in that folder or moves itself to another folder such as 'Bin or 'Spam'. Deleting it from there sends it back to the All Mail folder (even though the system asked me if I want to permanently delete it from my computer). I have tried sending it to another folder within WLM and then deleting that complete folder. The folder and everything else in it disappears except for that email which finds its way back to another live folder.
I have tried saving it as a file other than eml and then deleting that file but it still remains in WLM
I have been into my server's email programme (Virginmedia) and deleted it there which seems to have worked but for that side of things, but I still cannot get rid of it in my WLM.
It is possibly now benign but I really would like to be rid of the email
Anyone any ideas how to rid me of the beast ? Thanks in advance for any suggestions

My System SpecsSystem Spec
.

18 Jan 2014   #2

Windows 7 Home Premium
 
 
Suggested reading material

Hi,

I don't use WLM but here's some reading material on the subject:

How to Delete an Attachment from Received Mail in Win Live Mail, Outlook Express


When I spot a message with a suspiciously looking attachment in Windows Live Mail I want it gone, gone, gone from my computer.

If you've deleted the message from the server and it still re-appears then I've got no idea why that happens.
My System SpecsSystem Spec
19 Jan 2014   #3

Windows 7 Home Premium x64
 
 

Thanks Callender for the suggestions - I appreciate the reply

I have already tried the 'pressing shift at the same time as delete' but that did not work
I am reluctant to try the instructions in your link which refer to opening the attachment in notepad and making changes by editing the script which should then enable it to be deleted. I do not want to open the attachment for in case it revitalises the virus therein and also, I would not know if it had actually been deleted without checking all of my folders in WLM.
My System SpecsSystem Spec
.


19 Jan 2014   #4

Windows 7 Home Premium
 
 
How to check processes

Hi,

Like I said - I'm no expert on WLM. However if you wish to attempt removal of the attachment and are worried about activating something nasty you could consider running N-Shield. It will run on demand without installation and can be configured not to run on start up via it's settings.

It will warn you when any new process attempts to run and ask you to "allow" or "block" the process if it's not in the whitelist.

This is not a program for everyday use - you could run it only when you need to monitor your system for possible suspicious processes that might attempt to run.

N-Shield Free Download

Another possibility to consider is removing then reinstalling WLM:

How to uninstall and reinstall windows live mail


Attached Images
 
My System SpecsSystem Spec
19 Jan 2014   #5

Windows 7 Home Premium 64-bit
 
 

Try this:

1. Back up the email you wish to keep. While rebuilding the mailstore shouldn’t result in any loss of email, it is always better to be safe.

2. Close Windows Mail.

3. Click the Start Button and select Computer.

4. Navigate to C:\Users\your username/AppData/Local/Microsoft/WindowsMail.

5. Delete WindowsMail.MSMessageStore.

6. Open the Backup directory.

7. Open the new directory.

8. Delete WindowsMail.MSMessageStore.

9. Open Windows Mail to rebuild the mailstore database.

You should now be able to view and delete the problematic message(s).

Hope this helps,
John
My System SpecsSystem Spec
19 Jan 2014   #6

Windows 7 Home Premium x64
 
 

Thanks Callender and johnsmith45
If I am reading rightly you both seem to be suggesting (in slightly different ways) that I backup all messages that I wish to keep in WLM (ie everything but this blasted email), then uninstall WLM, then re install it together with the backed up messages.

There is some logic there
Or have I missed your point

N- shield looks to be a useful piece of additional armour but I assume Callender that you suggest not for everyday use as it will constantly be asking if OK to allow all programmes to run
My System SpecsSystem Spec
19 Jan 2014   #7

Windows 7 Home Premium
 
 
N-Shield

N- shield looks to be a useful piece of additional armour but I assume Callender that you suggest not for everyday use as it will constantly be asking if OK to allow all programmes to run.


Yes that's correct. If you leave it running it will bug you all the time. It's best to use it when you think that a suspicious process might launch. Like when opening a dodgy attachment or installing untrusted software.
My System SpecsSystem Spec
Reply

 Help please in getting rid of a rouge email




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:20 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33