Hi All:

I tried Clam antivirus but it was too complicated for me and made my computer run very hot.

Yesterday I decided to try the free Avira Antivirus Program for the Mac from Germany. Wow! It took over 15 hours to scan my hard drive, found 13906493 files and supposedly 613 viruses. It stated 1 was successful and 612 failed, whatever that means. When I looked up the name of a couple of their viruses on their site, they didn't have these listed with the known others. I am assuming most of them are false positives. It found Worms and Trojans if TR stand for Trojan.

I just got this computer in July. How could it take this long to scan? And all those viruses? Clam took less than an hour for the whole hard drive and found nothing.

If they are false positives, if I delete them or keep them in quarantine, will that affect my computer because it was something I needed afterall? Should I restore them to my computer?

Maybe I should use no antivirus and remain blissfully oblivious!

Rita

FWIW, I stopped using antivirus apps quite some time ago. Norton was, in itself, a virus so the cure was worse than the disease. Intego VirusBarrier never seemed to do anything except interfere with Time Machine. So, I stopped using AV software entirely and have had no problems.

I'm still careful, of course. I never click on a link in an email nor open an attachment unless I'm expecting it and I trash obvious phishing attempts and spam. I download software only from sites that I know and trust and never download anything if prompted by an unknown entity.

Thanks, Jon. I'm starting to think that this is the best way to go, as I have for the last 12 years. I am careful, also, about what emails I open, etc.

I still need to know what to do with all the quarantined "viruses" before I dump my antivirus app. Perhaps someone can chime in.

Thanks again.

Rita

Hi, Rita,

I guess what to do depends on what you've got, which, at the moment is an unknown; can you post anything informative?

As for AV apps, I've never used one. I've accepted CARE as the best approach...so far.

Hi Artie:

I tried to copy and paste the log from Avira but it wasn't possible. The viruses were listed (all 613 of them). For instance: TR/Drop/Agent.axo. I'm assuming that is a trojan. And: WORM/Gamarue.l.16. Also TR/Crypt.ZPACK.Gen. Stuff like that. It's all in quarantine. I just want to know if it's safe to delete or keep. If it's a false positive, I wonder if these things are just words or info I need to keep. Most of them were from a Time Machine backup. So weird.

Rita

It is very strange that you would show these on a scan of your Mac, as they are Windows malware that can't affect Macs. Does the antivirus software show you where these supposedly infected files are located? Are you receiving them in emails, perhaps?

Most of them say: /Volumes/MountainLion/Users/rita...blah blah blah. Or /Volumes/TimeMachine/Backups.backupd/Ritaa...(it actually shows ... It doesn't show the whole path.)[ I just see one for mail: /user/Library/Mail...

I know it's weird. I don't trust what it's telling me but I want to dump it without hurting my computer. Do you think if I just hit "delete" in the log section all will be well even if they are false positives?

Thanks.

Rita


quote=tacit]It is very strange that you would show these on a scan of your Mac, as they are Windows malware that can't affect Macs. Does the antivirus software show you where these supposedly infected files are located? Are you receiving them in emails, perhaps? [/quote]

I'm not familiar with the way Avira works, but It's possible that the full path becomes visible by adjusting the scan report window. Otherwise, perhaps it's shown when your cursor hovers over an item. Alternatively, you could check if there is a way to export or save the scan report. After all, the part that's now listed as '...' at the end is important to identify the actual file.

If you see names like the ones you listed, and files with those names are now in quarantine, it means that you have NO false positives, but real (Windows) malware items as tacit already mentioned. Should any System files have been quarantined, they're not likely to 'work' in quarantine, and once you made sure things are still working OK could (eventually) be discarded. Likewise, you probably could recognize important work files, if there are any in the quarantine list, allowing you to make sure you got clean backups. But anything on the scan list and in quarantine is suspect, and may have to be deleted.

Hi:

Hovering does not work and the window cannot be enlarged. Only one says mail, so that's why these are suspect to me. If they all said mail, I would think it's coming from all the spam I get (which I don't open). It seems to mostly be the backup files which is also strange. Why isn't the hard drive itself infected?

I clicked on one of the virus reports. It gave me the option to "get more information". I clicked on it, and it led me to the Avira website which said None found. They have a long list of viruses but not this one which is caught? It doesn't recognize some of the other viruses it caught either. I didn't check them all but it didn't recognize any that I did check and compare to their list. Grrrrr!

Rita

The hard drive itself doesn't get "infected;"malware is a file, that lives somewhere on your hard drive.

The malware you are showing is Windows only; it can't hurt your Mac. Is there a way to tell the antivirus software to show you the full path, or show you the file in the Finder? I'm curious how you are getting these Windows files on your Mac.

The only pathways I could find are the ones above. The whole thing doesn't print even when I click on it. I can't copy, hover to get more info or enlarge the window. Frustrating.

Now I feel better knowing that these are just files and that I can safely delete them and trash Avria. I guess there are other reports of a lot of false positive from them online.

Thanks.

Rita