How can I remove Troj/Iframe-HJ?

I installed Sophos Anti-Virus 8.0.6C for Mac today.  It almost immediately found Troj/Iframe-HJ.  However, when I go to the Quarantine Manager, put in my admin password, and press Clean Up Threat, it says "Cleaning up threats..." but the task never finishes.  Is there another way, or another version, I should be using?  And can anyone tell me anything else about this threat?  The Sophos website, http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Iframe-HJ/detailed-analysis.aspx, is kind of obscure.

Thanks.

JK

This thread was automatically locked due to age.
  • Is there any further information on how this malware operates on the Mac?  I have only seen reference to it in Windows.  I deleted the occurrences found by Sophos, but I have had Sophos generate messages twice since in Quarantine that looked like this:

    com.sophos.intercheck: 2012-07-31 21:18:09 -0400 Threat: 'Troj/Iframe-HJ' detected in /private/var/folders/gx/ms01z1yj6w17wk_82zv847k40000gn/T/clamav-121a721d7f031e9988b6591e2f3d7822/javascript

    When I entered the admin password for more details, the message disappeared, though it remained in the log.  Both of these occurrences happened when I was also running ClamXav.

    I have also disabled Java, hoping this may prevent some further action, if the malware is still operating.

    Can anyone give me further help in tracking this down, and/or eliminating it?  I am hoping that this can be eliminated without jeopardizing my data (and programs), but I have not been able to be comfortable that it is gone.  These two occurrences in /private/var/folders have been the only two in recent days, and have disappeared, as have the folders they were pointing to, which I assume are temporary.
