This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How can I remove Troj/Iframe-HJ?

I installed Sophos Anti-Virus 8.0.6C for Mac today. It almost immediately found Troj/Iframe-HJ. However, when I go to the Quarantine Manager, put in my admin password, and press Clean Up Threat, it says "Cleaning up threats..." but the task never finishes. Is there another way, or another version, I should be using? And can anyone tell me anything else about this threat?The Sophos website, http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Iframe-HJ/detailed-analysis.aspx is kind of obscure.

Thanks.

This thread was automatically locked due to age.

Parents

0 Agile over 12 years ago

Ah... here we see why you are cautioned not to use multiple AV products at the same time....
SAV appears to be detecting the cached ClamXav template they use to detect the same malware -- so there's nothing actually there.
As for how this malware operates -- the detection detects malicious iFrame code in HTML pages, containing redirects to known-malicious landing pages. The ClamAV template looks like it detects the javascript (not Java) code that injects the malicious iFrame into the web pages in the first place.
:1008732
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Agile over 12 years ago

Ah... here we see why you are cautioned not to use multiple AV products at the same time....
SAV appears to be detecting the cached ClamXav template they use to detect the same malware -- so there's nothing actually there.
As for how this malware operates -- the detection detects malicious iFrame code in HTML pages, containing redirects to known-malicious landing pages. The ClamAV template looks like it detects the javascript (not Java) code that injects the malicious iFrame into the web pages in the first place.
:1008732
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data