Will virus/trojan in mail transfer to a new computer.

Install it properly in your Applications folder, then set it up in its Preferences.

Will you also explain what to do with the clamxav on the desktop & how to set to only scan incoming mail?

I think this is how you do it, after not scheduling any Scan, set a watched folder...

Will I have another file somewhere now that is infected as well?

Not likely, if using Safari, under Safari menu do you have block Pop-up windows selected?

Yes, I do. That's correct?

Yes, I guess they're using javascript or some other method to pop up the windows then.

Would you have a link to the pop up, or what your home page is set to?

V.A.P. wrote:

I have run the clamxav and it found 3 infected files.

They are

file: animan.class-5953..., infection name: Exploit.Java.Byte...

file: ms03011.jar-3847f... , infection name: Java.ByteVerify-1

file: 3668.emlx, infection name: HTML.Phishing.A...

Without the complete name of the infection, I can't give you any details on what they might be (you can see the entire name of the infection by dragging the column wider in ClamXav or seaching the Scan Log), but none specifically target Mac OS X, so I would guess you can safely delete them. If you are using TImeMachine or some other backkup software check back here before you delete anything.

The first two appear to be Java code of some sort. To delete them simply Right-click / Control-click on either the file or infection name in the ClamXav window and choose "Delete File".

In the case of the .emlx file, this is an e-mail file which should be handled in a slightly different manner to prevent mailbox corruption and guarantee deletion from the e-mail server as well as your hard drive. Again Right-click / Control-click on either the file or infection name in the ClamXav window but this time choose "Reveal In Finder". In the window that opens double-click on 3668.emlx to open it in your e-mail client then use the e-mail client applications delete button to safely delete it. If you have chosen to move deleted files to a trash folder, be sure you empty that, as well. If this happens to be from a gmail account, you may find that you have to also log into it using webmail on your favorite browser, check the "All Mail" folder and permanently delete it from there. Kind of a pain, but that's really the only safe and sure way of handling e-mail.

V.A.P. wrote:

Will you also explain what to do with the clamxav on the desktop

What is on your desktop, the ClamXav application or the .dmg file you downloaded?

If the Application, you should have followed these Installation instructions. If it's the ClamXav_2.x.x.dmg file and you have properly installed it, then you can throw it away. If you think you might want to uninstall it at some time in the future you may want to either hold onto it, copy the "ClamAV Engine REMOVER" script somewhere or you can just redownload the .dmg at that time.

& how to set to only scan incoming mail?

http://www.clamxav.com/docs_sentry.php

What to do with it when I get the new iMac also, I guess.

If you migrate from your current computer it should copy everything you need, including your settings.

If you still have questions, please come to the ClamXav Forum and you will probably find a quicker answer.

The emlx file goes in the...

Users/YourUserName/Library/Mail...

path & a bit more deeper with the rest of the numbered .emlx files, at that path you should see other folders to open lkie POPdahdahdah or such.

V.A.P. wrote:

MadMacs0 - are you still there? I haven't found how to post question (cry for help!) in a forum for clamxav.

Good morning (at least where I am), sorry I missed you. You can find the ClamXav Forum here if you need assisstance in the future.

Yikes, I inadvertently (blew it) chose delete on the emix file and then tried to drag it from trash.

There is a recovery proceedure for that which usually works, but as you guessed the safest way is to put it back.

Open the Scan Log and seach for the file name "3668.emlx". If you don't find it right away, that just means that the window is only displaying part of the log. In the lower right corner of the window you will see

▲ Earlier | ▼ Later. Click the Earlier button until you find it. That will tell you which Mailbox it came out of. I wouldn't be surprised to find that it was "Junk" or "Trash" if you use those.