Virus 8399.emlx

I have a virus that continues to appear but gets detected by ClamXav. The identified virus is 8399.emlx and it is found in my

/Users/(Mydirectory)/Library/Mail/IMAP-(My email)@imap.gmail.com/[Gmail]/All Mail.imapmbox/Messages/8399.emlx:


After it is found it reappears, and the only function I am performing is Web browsing with no downloads. Anyone have any experience or knowledge of the virus?

MacBook Pro, Mac OS X (10.6.8)

Posted on Jan 9, 2012 8:35 PM


Apr 25, 2012 3:42 PM in response to macfrombrampton

In my sixteen or seventeen years of regular participation in these forums, starting about 1994/5, I've never encountered anyone as resolutely determined not to benefit from the help he has asked for as you are, macfrombrampton.


ClamXav, like many other troubleshooting and diagnostic tools, uses heuristics — experience-based "rules of thumb" — to flag some potential threats to your security. One of those rules of thumb is "flag any email message containing a link to a web site that pretends to be somewhere it's not," because experience indicates that an intentionally misleading site is often designed to fool visitors into supplying personal information about themselves that can then be criminally misused. A great many such email messages are filtered out as SPAM by most ISPs or by the user's own email client software, but there are so many of them sent that a few get through to you, and those few messages are what ClamXav is flagging. The messages themselves are harmless — they have no payload that installs itself or performs any action on your computer. The only way any harm can come to you from them is if you 1) click the links they contain, and 2) supply the information you are asked for by the sites those links take you to.


In other words, those email messages are merely SPAM inviting you to put your security in jeopardy. If you're disinclined to do that, all you need to do is delete the email messages in the manner provided by your email client application. You don't need to use ClamXav to delete them, and as Thomas has warned you, deleting them in any manner other than the one provided by your email client is apt to corrupt the database that your email client maintains. Doing that is exactly analogous to using the Finder to delete pictures from an iPhoto Library or music from an iTunes Library — two other things one should never do, because the result will be a corrupt library database that refuses to open at all or exhibits anomalous behavior when it does open. The proper way to delete pictures from an iPhoto Library is to do it within the iPhoto application, and similarly, the proper way to delete email messages from a Mail database is to do it within Mail.

Apr 25, 2012 10:50 PM in response to eww

eww wrote:


all you need to do is delete the email messages in the manner provided by your email client application. You don't need to use ClamXav to delete them, and as Thomas has warned you, deleting them in any manner other than the one provided by your email client is apt to corrupt the database that your email client maintains. Doing that is exactly analogous to using the Finder to delete pictures from an iPhoto Library or music from an iTunes Library — two other things one should never do, because the result will be a corrupt library database that refuses to open at all or exhibits anomalous behavior when it does open. The proper way to delete pictures from an iPhoto Library is to do it within the iPhoto application, and similarly, the proper way to delete email messages from a Mail database is to do it within Mail.

You can add TimeMachine/TimeCapsule to that list. For the most part it won't let you mess with individual files in the Finder, but if you insist on moving or deleting something, you almost certainly will corrupt its index and make it a worthless backup. TM/TC files need to be deleted from within TimeMachine.

Apr 25, 2012 11:41 PM in response to MadMacs0

I don't know why you think I need to remove files when Clamxav identified the malware and removed it automatically? Also I noticed no operational problems with Apple's Mail once it is removed.


The key to this Apple Mail malware is to identify the function of "Heuristic.Phishing.email.SpoofedDomain" to know what it affects before making any suggestions.

Apr 26, 2012 4:12 PM in response to JoeyR

I am simply looking for the following information from the forum, not suggestions to delete files or beliefs that Clamxav is not working correctly without giving any evidence.


The following Malware "Heuristic.Phishing.email.SpoofedDomain" was found on my Snow Leopard machine in the Apple Mail folder.

Does anyone have any idea what the function is of this Malware that Clamxav detected (detected this malware several times and within the last few days, April-24-2012)? Clamxav does not seem to have a description for what "Heuristic.Phishing.email.SpoofedDomain" does.

Apr 26, 2012 4:38 PM in response to thomas_r.

Did I miss someone suggesting you plug the name of the virus into Google or another search engine and you will wind up with several sources to find exactly what the virus is, its origination and if it's a problem or not. Over the years, starting with an amazing Radio Shack computer and original IBM PC, actually serial # 0004, I find simply deleting an email right within the e-mail system removes all traces and the only way to get the "virus" is to open the file or reply to an e-mail opening a link.


p.s. I am now all Apple so no confusion as to why I am on the forum - looking for my own answers!

Apr 26, 2012 5:09 PM in response to stevejobsfan0123

What help are you referring to? I have asked the following:


The following Malware "Heuristic.Phishing.email.SpoofedDomain" was found on my Snow Leopard machine in the Apple Mail folder.

Does anyone have any idea what the function is of this Malware that Clamxav detected (detected this malware several times and within the last few days, April-24-2012)? Clamxav does not seem to have a description for what "Heuristic.Phishing.email.SpoofedDomain" does.


I have not received a definition for what this malware function is and have not been able to locate any information.

Apr 26, 2012 6:41 PM in response to macfrombrampton

And you never will be able to locate any, because "Heuristic.Phishing.email.SpoofedDomain" is not the name of a piece of malware. It is the name of a rule used by ClamXav to identify certain email messages containing falsified links. Those email messages are harmless if you don't click on the links in them and supply personal information about yourself.


I have reported this entire thread to the forum hosts as a months-long dead end in which you have wasted the time of every person who has replied to your broken-record posts. With any luck, the whole sorry mess will be gone tomorrow.
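
The rule of thumb described in the replies above (flag a message whose link text names one site while the link itself goes to another), as an added Python example that is not part of the thread and is not ClamAV's own implementation. It reads a message in the `.emlx` layout (a byte-count line, the RFC 822 message, then a trailing plist); the function names, the sample message and its `.example` hosts are constructed for illustration.

```python
from email import message_from_bytes, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

def message_from_emlx(raw: bytes):
    # .emlx layout: line 1 is the byte count of the RFC 822 message; a plist follows it.
    count, _, rest = raw.partition(b"\n")
    return message_from_bytes(rest[:int(count)], policy=policy.default)

class AnchorCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url: str) -> str:
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()

def spoofed_links(msg):
    """(displayed host, real host) for http(s) links whose URL-like text names another site."""
    hits = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = AnchorCollector()
        collector.feed(part.get_content())
        for href, text in collector.links:
            if not href.lower().startswith(("http://", "https://")) or " " in text or "." not in text:
                continue
            shown, real = host_of(text), host_of(href)
            same_site = real == shown or real.endswith("." + shown) or shown.endswith("." + real)
            if shown and real and not same_site:
                hits.append((shown, real))
    return hits

# Constructed sample: one link whose text and target disagree, one honest link.
_MSG = (b"Subject: Verify your account\r\nContent-Type: text/html; charset=utf-8\r\n\r\n"
        b'<a href="http://login.account-check.example/v">www.bank.example</a> '
        b'<a href="https://www.bank.example/help">bank.example</a>\r\n')
SAMPLE_EMLX = str(len(_MSG)).encode() + b"\n" + _MSG + b"<plist><dict/></plist>\n"
```

Calling `spoofed_links(message_from_emlx(SAMPLE_EMLX))` reports only the first link. A hit means the message contains a misleading link, not that anything has run on the machine.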
