Yes, I am quite aware how there are no viruses for Macs. However, Macs can get Windows viruses, although obviously those viruses have absolutely no effect on a Mac. Still, I like to be a good Internet citizen so I periodically scan my Library directory and my caches for viruses just so I don’t inadvertently pass something along in an e-mail. I guess I hadn’t checked my e-mail caches in a while, because I was alerted “Exploit.HTML.MHT-6” had been found in my main mailbox!The only thing was there was no way to quarantine the virus. To do so would reportedly move my entire “mbox” cache. Due to limitations in the clamXav software I was using I was not told which of the e-mails contained the virus, just that it was in there. I first skimmed through the mailbox, looking for anything suspicious. I moved these letters into a newly created folder called Questionable. I ran another virus scan and got the same result. I then skimmed through the mailbox again, deleting e-mails I didn’t need: old confirmations from Paypal, alerts from eBay, old newsletters; anything dated that I no longer needed. Another scan showed there was no change. I still had not found that one e-mail. The only thing was to start methodically searching. I moved everything from March into a separate folder and ran another search. Then February, then January, then December, onward. Fortunately I found out ahead of time that, according to the application’s author, “The important thing to remember if you’re using Apple’s Mail program is that the move from one mailbox to another doesn’t actually take effect until you quit the Mail program. Scanning with Mail open is just a huge waste of time…not that I’ve ever done that of course…never…not me! ;-)”.
I at least made some progress when I found out the virus dated from October 2004. I created new folders: “1 – 10” and “11 – 20” and “21 – 31” and moved the October e-mails accordingly. And I found the virus was inhabiting the “11 – 20” folder. I created another set of folders: “11”, “12”, “13”, “14”, and “15”, for starters, and soon deduced that the virus had to have been sent October 13.
I checked the October 13 folder and was a tad concerned to find those e-mails were from legitimate sources. It was possible someone I knew or did business with might have been infected. But then, upon closer inspection, I was able to see exactly what the problem was and where the virus was. It was even helpfully in an e-mail called “Exploit”. It was back during the days when my IPowerWeb server had been continually attacked with Trojans. I had found a line of code being attached to my PHP and I’d copied the code and sent it to myself. The one line was not a Trojan, but I guess it linked to one, which was enough to set off alarms in both clamXav and Virex 7.5 … and which caused me to waste an hour and a half, as well as your time here, hunting down an e-mail I had sent to myself.
