Thank you for the thoughtful reply, but you do not get my concern.
Norton is removing mail from the inbox, or at least that is what the logs indicate to me. ( appended is an excerpt.)
Category: Quarantine
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
2013-06-20 9:58:29,High,WS.Malware.1 detected by Virus scanner,Quarantined,Resolved - No Action Required,c:\users\n\documents\thunderbird mail\mail\inbox
2013-06-20 9:58:29,High,W32.Cridex detected by Virus scanner,Quarantined,Resolved - No Action Required,c:\users\n\documents\thunderbird mail\mail\inbox
2013-06-20 9:58:29,High,Trojan.Zbot detected by Virus scanner,Quarantined,Resolved - No Action Required,c:\users\n\documents\thunderbird mail\mail\inbox
2013-06-20 9:58:29,High,Trojan.Malscript detected by Virus scanner,Quarantined,Resolved - No Action Required,c:\users\n\documents\thunderbird mail\mail\inbox
Thunderbird contains no mechanism to detect the editing of it's MBOX files, and as such does not know the MSF file that is used to display mail and locate mail needs to be updated. The result Thunderbird displays mails based on the old index and insead of mails being displayed, the partial source of whatever is at that location is displayed. ie gibberish to the average user.
In the case that I extracted the log entries from the lady complained that repairing the index deleted all the emails that were not correctly displayed.
My working theory here is that where Norton makes multiple edits, data loss occurs. where Norton makes a single edit display errors only occur. This is based on the numbers of Norton users that have appeared in the support forum complaining of display issues that have no data loss following repair, or report none.
So in the first instance, does Nortons edit the MBOX files?