Norton and examining quarantined e-mails

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!


Is there a way to restore quarantined e-mails? I need to get at
e-mail message to look at its headers so I can trace its flow.

Unfortunately NAV doesn't allow me to perform a "clean" operation
because the infected object is a mail message. It is not the inbox
that is infected because the user has all of their messages (the
injected message was caught on download).

The "export" operation simply saves a CSV file with the fields that
are present in the dialogue box (which are useless; at the very least
I need a message ID or an SMTP transaction ID (sendmail and postfix
logs can be searched)).

I am willing to go in with a hex editor and examined the contents of
the file / message, so if someone can tell me where these things are
hidden I can start from there.

This is with a recent version of Norton Anti-virus (2001+) on
XP. Don't have it handy to check the exact version of NAV. The virus
that was caught is Netsky (D variant I believe).

Thanks for any info.

David Magda <dmagda at>, /
Because the innovator has for enemies all those who have done well under
the old conditions, and lukewarm defenders in those who may do well
under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI

Site Timeline