Joe Gramm wrote:
Comcast sent me an email saying one of my computers was infected with a bot. And I have been getting a lot of Junk email lately. So I ran ClamXav and scanned my User Folder. The scan came up with one infected file in a deleted email folder / Heuristics.Phishing.Email.SpoofedDomain FOUND
Should I simply Secure Trash the file and I guess I should see if the file still exists on the server level.
No! All you need to do for this one is to go back to your Mail app and empty the "Deleted Messages" mailbox since you have apparently already decided it's not something you need.
Normally, I would tell you to read any e-mail that has the word Heuristics in the infection name, since this is only a warning that something about the format of the e-mail is suspicious. It did not match a specific signature of a known phishing attempt so the scanner is simply guessing.
Never use ClamXav (or any other A-V software) to move (quarantine) or delete e-mail. It will corrupt the mailbox index which could cause loss of other e-mail and other issues with functions such as searching. It may also leave the original e-mail on your ISP's e-mail server and will be re-downloaded to your hard drive the next time you check for new mail.
So, if you choose to "Scan e-mail content for malware and phishing" in the General Preferences, make sure you do not elect to either Quarantine or Delete infected files.
When possibly infected e-mail files are found:
Highlight the entry in the ClamXav window's top pane that needs to be dealt with.
Right-click/Control-click on the entry.
Select "Reveal In Finder" from the pop-up menu.
When the window opens, double-click on the file to open the message in your e-mail client application.
Read the message and if you agree that it is junk/spam/phishing then use the e-mail client's delete button to delete it (reading it is especially important when the word "Heuristics" appears in the infection name).
If you disagree and choose to retain the message, return to ClamXav and choose "Exclude From Future Scans" from the pop-up menu.
As far as Comcast is concerned, ask them for details as their are currently no known "bots" that impact OS X.