noellle wrote:
Ok, so ClamXav finished scanning my computer only, and it did find some phising things and a worm. they might be from the folder of my Dad's old username, though, which is still there in a strange way from when he gave me his computer and then I got a new one....I doubt that's significant, but it's worth a mention.
The one caution I wanted to mention here is to not move any files that are email. That will likely cause corruption of the mailbox index which could then result in loss of some or all additional emails. Also, if these are IMAP accounts or POP accounts where you have chosen to leave messages on the server, the infected emails will remain on the server and be downloaded to your computer again the next time you check email. So make sure you don't select both "Check e-mail for phishing and malware" in Preferences->General and either move to Trash or to Quarantine in either Preferences->Quarantine or Preferences->Sentry.
Depending on the email client used, email is either contained in one huge database file (e.g. Microsoft Entourage) or individual files that usually are labeled <number>.eml or <number>.emlx (e.g. Apple Mail). The following instructions apply only to the latter individual files..
- Right-click/control-click on the file name and select "Reveal In Finder".
- When the window opens, double click on the email file to open it in the email client.
- Read the email and if you agree that it's malware, use the email client's delete button to move it to the trash folder and then empty the trash.
- If you believe this was a false alarm and want to keep the message, make note of it's number so that you can ignore it on subsequent scans.
- If it's a g-mail account, then you will also have to use your browser and web mail to permanently delete the message as they don't honor your clients requests to do so.
If you use a "huge file" email client then come to the ClamXav Forum for some a more complicated method of dealing with infected files.