Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

difficulty in manually removing virus

sophos detected this threat today: Mal/frame-AA - i am supposed to manually remove it but when I open the quarantine manager and attempt to manually remove it, the option 'clean up threat' stays grey - can anyone advise? should i go to the virus, whose location is identified by quarantine manager and just delete it? will that work? thanks in anticipation - i have an apple macbook, osx 10.6.8.

best regards

Ed Moloney

:1003905


This thread was automatically locked due to age.
Parents
  • Mal/Iframe-AA detects malicious javascript added into existing javascript sections on webservers.  As such, you are most likely detecting this in your browser cache, unless your computer is also a compromised web server.  The best solution is just to clear your browser cache and watch the quarantine item vanish.  If it doesn't, then removing by hand should work just fine -- but if you ARE running a compromised web server, you should remove the malicious code from your web pages and then patch against the exploit that was used to drop it there in the first place.  This will require auditing your server logs.

    :1003911
Reply
  • Mal/Iframe-AA detects malicious javascript added into existing javascript sections on webservers.  As such, you are most likely detecting this in your browser cache, unless your computer is also a compromised web server.  The best solution is just to clear your browser cache and watch the quarantine item vanish.  If it doesn't, then removing by hand should work just fine -- but if you ARE running a compromised web server, you should remove the malicious code from your web pages and then patch against the exploit that was used to drop it there in the first place.  This will require auditing your server logs.

    :1003911
Children
No Data