From MozillaZine Knowledge Base
Manufacturers of antivirus programs often change their behavior without prior warning or sufficient testing on non-Microsoft products. Word to the wise - be conservative and cautious. And make sure you have backups of your profiles.
Despite talk of "heuristics", most antivirus programs do not provide protection against rapidly spreading new malware infections before the antivirus companies manage to provide appropriate updates. To protect yourself against new e-mail viruses, open e-mail attachments only if you trust the sender and if the sender announces the attachment. Be alert for messages where the sender's address is spoofed (the message appears to have come from one source but in fact was sent from somewhere else) or where the attachment is announced in a way that sounds suspiciously generic (e.g., "Hi, here's the file you wanted"); both techniques are commonly used by the creators of malware to trick you into opening the attachment. If you have any suspicions about the origin or authenticity of a message, do not open any attached files until you have checked with the sender.
Do not check (enable) "View -> Display Attachments Inline".
Unless the e-mail is job-related or otherwise important, consider waiting a while before opening the attachment. This gives your antivirus program's manufacturer a chance to provide a necessary update. Be especially careful if the e-mail is not a new one and is being forwarded.
Opening attachments is the major risk, but consider using "View -> Message Body As -> Plain Text" to view a message as plain text whenever you're going to read a suspicious message. For example, reading a message in your junk mail folder to confirm whether it's really spam. Viruses and scripts rely upon the email client interpreting the message. If you view it as plain text, there is nothing to interpret (unless you click on a link in the message or open an attachment)
Keeping your antivirus software from deleting your Inbox
Thunderbird stores all of the messages that you see in your Inbox folder in a single file called "Inbox" in your profile folder. All of the other mail folders also use a single file named after the folder ("Sent.", "Drafts.", "Trash.", etc.). Some antivirus software assumes each message is stored as a separate file so when it detects a virus in your Inbox it deletes the whole file (your entire Inbox folder) rather than deleting that message. This problem is due to a design flaw in certain antivirus programs, not in Thunderbird. It is known to occur with Outlook Express , Eudora and other email clients. Fortunately, there are measures you can take to keep it from happening.
Antivirus program settings
Thunderbird settings and use
To minimize the chance of your Inbox being quarantined or deleted:
To minimize the loss of mail if your Inbox ever does become quarantined or deleted:
Recovering a quarantined Inbox
Other potential problems
Compatible antivirus programs
Avast!, AVG, NOD32, and Kaspersky seem to be safe choices, and the retail version of Symantec a risky choice based on comments from the forums over several years. Symantec's Norton Antivirus does not support IMAP and its POP3 scanner frequently quarantines the Inbox according to many reports in the forums. There doesn't seem to be a consensus for CA, F-Prot, McAfee, Panda, etc., though typically the enterprise version of a anti-virus program is more compatible than the retail version. The free version of Avast! seems to meet most users' needs. Any antivirus program with real-time protection (including Norton) can be safely used by turning off email scanning.
We used to have a long list of compatible and problematic antivirus programs, but it was removed since it was too hard to keep up to date. Currently McAfee seems to be causing a lot of problems with Thunderbird. The Mozilla Wiki has a list of compatible and problematic antivirus programs, though it also has problems being kept up to date. What version of Thunderbird you use doesn't seem to effect what antivirus programs are safe choices.
Safe test virus
Many anti-virus programs (those that are EICAR compliant) can be tested to ensure some minimal level of functionality by using the European Institute for Computer Anti-Virus Research (EICAR)'s anti-virus test file.
AVG has stopped development of "AVG Plugin For Mozilla Thunderbird" and recommends you install the "Personal E-mail Scanner service" instead.  They aren't the only anti-virus manufacturer that has had problems dealing with the new rapid release cycle of Thunderbird. If your vendor doesn't have a version that supports the latest version of Thunderbird, see if you can use the generic solution they have for less popular email clients instead of the Thunderbird specific plugin.
In some cases the Thunderbird add-on (the ESET Smart Security extension for example) just adds a toolbar to report spam, and if you don't install that add-on it will still scan your messages for viruses. ESET addon is not supported in newer Thunderbird versions .