MIME & MBOX - OK (internal scan not preformed)

Discussion in 'ESET NOD32 Antivirus' started by tristain, Feb 12, 2013.

Thread Status:
Not open for further replies.
  1. tristain

    tristain Registered Member

    Joined:
    Feb 12, 2013
    Posts:
    1
    Location:
    USA
    I've got some malware, I am using nod32 6 in windows to sort it out. I got the malware from using a Linux Live CD's so I know the malware has to be in my personal files. When checking my files with ESET Antivirus I get lots of these MIME & MBOX - OK (internal scan not preformed) messages. What does this mean? Can virus be hiding in these MIME & MBOX tags? How do I look into them how do I remove them? Thanks in advance for all your help.
    The files in question are text files which have never been emailed. So why should they have MIME or MBOX tags? Regular TXT files should not have archives attached to them should they? I have been converting doc files & rtf's to text because a virus was found in them. So why should brand new files have MIME & MBOX's? Is there something I'm not understanding? Also there is a size discrepancy, these files are bigger then they should be. These files are on a flash drive and there is no archive folder on the flash drive so how can they be archive files? This looks suspicious.

    Also there is a huge size discrepancy in the size of the file and the size on the disk. For example text file is 42 bytes and 4,000 bytes on the disk. Isn't this a sure sign of malware embedded into the file?

    I've encluded a few of the suspected txt files.

    Thanks in advance for all your help!

    big help thank you.
    Edit/Delete Message
     

    Attached Files:

    Last edited: Feb 16, 2013
  2. er34

    er34 Guest

    The MIME and MBOX objects are not viruses or any malware. They are just objects/arch/ that NOD32 antivirus did not scan internally - they are not malware. Most probably it did not scan them due to your scanning settings.

    As you can see at the botton of the scan log - no threats were found.

    However, the virus signatures of your scan are out of date - they are from December 2012. Today is middle of Februrary 2013.

    In order to get help - provide more information about your setup, about your potential problem, why do you believe you got a virus and why do you run from Linux live cd.
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    In order to scan email containers, you must enable archives as well as email files in the scanner setup. Email containers (mailboxes) as such do not pose any risk. If you want to remove infected emails from such files, you must remove them in the appropriate email client.
     
Thread Status:
Not open for further replies.