Removing an unlisted trojan

My copy of Thunderbird started acting strangely (asking for my password and then rejecting it when I tried to send mail). So I ran a virus scan with AVG (my XP system’s default) and found nothing. Adaware found nothing.

So I tried Kaspersky’s online service and it found Trojan-Downloader.Win32.Pif.ah in Thunderbird’s inbox. The problem – other than having this @#$% trojan in the first place – is that there is no information about this specific virus on the Net. So how do I get rid of the thing? Simply deleting things from my inbox – or even the inbox itself – won’t be enough, right?

Just becuase it’s in your inbox doesn’t mean it’s been executed, unless you remember executing it. If the AV program was able to identify it in your inbox it should have been able to also detect the executed components elsewhere on your hard-drive.

Rejection of your password is not necessarily virus-related. If not a human error, it could be your mail settings or umpteen other causes.

Many thanks, Charlie.

Yes, it was just a coincidence. The virus was in a message I’d somehow overlooked; but it was never executed, so no problem. (But this does make me a bit less sure of AVG, which missed it.)

It turns out my hosting company had changed some settings, so my SMTP username in Thunderbird had to be changed from my name to my full e-mail address.

Yep. Thunderbird is funny that way. I stopped using it because it was too tricky to configure for me. It’s probably the biggest reason I don’t use TB. But the second biggest one: spam, viruses, and malware that comes in from email these days. Using webmail is a highly effective way to put a barrier between you and the virus. Except of course if you use Hinet email.