Re: AUGD: No MacScan. What about this...
- Subject: Re: AUGD: No MacScan. What about this...
- From: Al Varnell <email@hidden>
- Date: Tue, 04 Oct 2011 17:37:10 -0700
- Format: flowed
- Read-receipt-to: email@hidden
- Thread-topic: AUGD: No MacScan. What about this...
On 10/4/11 1:29 PM, "S. M. Henning" <email@hidden> wrote:
> I just installed ClamXav and it found 4 problems:
> Worm.Sober.I in ~/Documents/Eudora Folder/Attachments Folder
> Worm.Bagle.Gen-vbs in ~/Documents/Eudora Folder/Attachments Folder
> Exploit.PDF-19944 in AirPortExtremeUserGuide.pdf
> Email.Phishing.DblDom-59 in ~/Documents/Files/Internet Files/System-Eudora-Mail Folder/
Couple of notes about what you found.
The first three are not Mac malware as they would all contain the letters “OSX” in the infection name.
The Exploit.PDF-19944 is probably a false alarm as I’ve seen several reports of legitimate PDF documents being flagged.
Be careful with the last email item. If you move it to either the trash or a quarantine folder it will almost surely corrupt the mailbox index, possibly resulting in the loss of other messages. If you have an IMAP account or POP account where you leave messages on the server then the infected message will still be on the server and will just download again when you check for new mail.
The way to address email infections is to right-click/control-click on the file or infection name and select “Reveal In Finder”. When the window opens, double-click on the file (it cannot harm anything at this point) to open it in Eudora. If you agree that it’s a phishing attempt then use the delete feature of the browser to move it to the trash and empty the trash folder. If you disagree and want to retain the message, simply make a note of it in order to ignore it the next time you scan.
This same principle applies to most other email clients and AV software.
If you use an email client that stores all mail in a single file the process is more difficult. Come to the ClamXav Forum <http://markallan.co.uk/BB/viewforum.php?f=1> for information and assistance, if necessary.
Full disclosure, I provide uncompensated technical support on the ClamXav Forum.
-Al-
--
Al Varnell
Mountain View, CA
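
The two rules in the message above (a detection name without "OSX" is not Mac malware; a detection inside a mailbox file should be deleted from within the mail client rather than moved or quarantined) can be applied to a ClamAV command-line report. The following is an added example, not part of the original message and not ClamXav's own code. It assumes clamscan's `<path>: <signature> FOUND` line format; the sample report, the file names in it and the `MAIL_STORE_DIRS` setting are constructed for illustration.

```python
from pathlib import PurePosixPath

# Constructed sample in clamscan's "<path>: <signature> FOUND" format, using the
# four detection names quoted in the message. User and file names are made up.
SAMPLE_REPORT = """\
/Users/example/Documents/Eudora Folder/Attachments Folder/attachment-1: Worm.Sober.I FOUND
/Users/example/Documents/Eudora Folder/Attachments Folder/attachment-2: Worm.Bagle.Gen-vbs FOUND
/Users/example/Documents/AirPortExtremeUserGuide.pdf: Exploit.PDF-19944 FOUND
/Users/example/Documents/Files/Internet Files/System-Eudora-Mail Folder/example-mailbox: Email.Phishing.DblDom-59 FOUND
/Users/example/Documents/notes.txt: OK
"""

# Assumption: directory names that hold mailbox files for the mail client in use.
MAIL_STORE_DIRS = ("System-Eudora-Mail Folder",)


def parse_report(text):
    """Yield (path, signature) for every 'FOUND' line in a clamscan report."""
    for line in text.splitlines():
        line = line.rstrip()
        if not line.endswith(" FOUND"):
            continue  # skips "OK" lines and the scan summary
        path, sep, sig = line[: -len(" FOUND")].rpartition(": ")
        if sep:
            yield path, sig


def triage(text, mail_store_dirs=MAIL_STORE_DIRS):
    """Classify each detection using the two rules from the message."""
    results = []
    for path, sig in parse_report(text):
        in_mail_store = any(d in PurePosixPath(path).parts for d in mail_store_dirs)
        results.append({
            "path": path,
            "signature": sig,
            # Heuristic from the message: Mac malware names contain "OSX".
            # Matching case-insensitively is an assumption of this example.
            "mac_specific": "osx" in sig.lower(),
            # Moving or quarantining a mailbox file can corrupt its index,
            # so these are handled by deleting the message in the mail client.
            "action": "delete-in-mail-client" if in_mail_store else "review-file",
        })
    return results


if __name__ == "__main__":
    for r in triage(SAMPLE_REPORT):
        print(f'{r["signature"]:28} mac={r["mac_specific"]!s:5} {r["action"]}  {r["path"]}')
```
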