Last night I had this unexpected popup from Sophos indicating I had been hit by a Trojan and I should check the quarantine log. The quarantine log is empty. So I pulled up preferences and checked the Sophos log and found com.sophos.intercheck: 2011-05-16 20:05:55 -0400 Threat: 'Troj/Iframe-CG' detected in /private/var/vm/swapfile1 com.sophos.intercheck: Access to the file denied Umm, ok, how the heck did I get a trojan in a pagefile? The only way this makes sense is if I managed to load a page with this in it and it was pushed to VM but never to the disk. I'm also confused because I have the on-access scanner turned on. I guess option b is this is a false positive.
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
