Re : How to tell what threats Sophos Deleted

Hello, any help or knowledge is greatly appreciated.

I, being a newbie, unknowingly set the program to delete instead of log on my first scan. Apparently it found 1 threat, which, after I scanned another 3 times, has apparently been deleted. Is there any way to find out what that file was? I am afraid it may have deleted something that could cause instability. I am not having any problems at the moment, but I am getting paranoid and really want to find out what Sophos deleted.

Please help

  • It's likely a Windows-targeted malicious drive-by written in Java. That path is to the JavaWebCache, where Java referenced by your web browser ends up.

    However, since it's in Java, it can likely download files to OS X as well -- but unless the malware authors were intending it for OS X, the malicious Java will end up downloading a useless Windows executable.

    So the final answer is: it's malicious, and what it does is download a payload... that is likely targeted at Windows right now, but could at any point in time contain OS X malware.

    If you google Troj/JavaDl-BH, the first result is the Sophos security analysis, which states: Affected operating systems: Windows.
