This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mal/iframe-F - How do I clean this up manually on a Mac?

It seems only in Firefox one of my blogsites appears to be hacked. I was suggested by my server that I try Sophos to identify and repair the malware. I have been a Mac user for a long time and never had a problem with a virus. Running the Sophos diagnostic it showed the threat to be Mal/Iframe-F and says to clean up manually, but it appears the virus removal tool is only for PC's. Am I missing something. Can anyone help? My laptop is running painfully slow. Also, I have thought to totally uninstall Firefox, but will that affect my Sophos program? I appreciate any help anyone can offer asap.

This thread was automatically locked due to age.

0 Agile over 13 years ago

The Windows virus removal tool and the Sophos Anti-Virus for Macintosh Home Edition software are not the same thing, although they use the same detection and cleanup data.
Check the sidebar on this forum for a link to the download for the Mac product.
:1007777
Cancel
Vote Up 0 Vote Down

Cancel
0 BY over 12 years ago

I just received this "threat" today, but I'm not sure how to remove it, since it doesn't appear to be an actual file:
/Users/b--------Library/Caches/Firefox/Profiles/nizqf4uk.default/Cache/0/4C/F27ABd01
As I am not a computer/tech guru, I just want to confirm the following things:
- I am running only Mac OSX 10.7.4; is this malware a threat to my computer?
- How do I remove this? I feel silly, but I can't seem to create the custom scan to "manually" remove it? Or do I just need to clear my Firefox cache?
**** I feel silly; I was able to resolve it using the below from SOPHOS: Java Web Cache. If the file path contains “/Library/Caches/Java”, From the Sophos Preferences window, temporarily disable on-access scanning. Go to the Finder, hold down the Option key, and from the Go menu select Library. If the Library option does not exist, select Home and then click on the Library folder. Open the Caches folder and put the containing Java folder in the trash. Empty the trash. From the Sophos Preferences window, re-enable on-access scanning. Time Machine Archive.
:1010154
Cancel
Vote Up 0 Vote Down

Cancel
0 BY over 12 years ago
I wanted to edit my reply, as something was acting up on my Firefox. I was able to remove the threat using the steps below [from Sophos] - mine had to do with my cache[?]:
If any threats still exist as “Clean up manually” after performing the custom scan with the Delete option, the files are probably contained on a backup volume or inside an archive. These are not deleted by Sophos, as they probably contain a lot of information you do not wish to delete as well as the detected file.
Some common locations for such files are:
Java Web Cache.
If the file path contains “/Library/Caches/Java”,
From the Sophos Preferences window, temporarily disable on-access scanning.
Go to the Finder, hold down the Option key, and from the Go menu select Library.
If the Library option does not exist, select Home and then click on the Library folder.
Open the Caches folder and put the containing Java folder in the trash.
Empty the trash.
From the Sophos Preferences window, re-enable on-access scanning.
The link below [from SOPHOS] explains other scenarios to removing threats:
http://www.sophos.com/en-us/support/knowledgebase/118117.aspx

I'm hoping that all malware threats really have been removed!
:1010156
Cancel
Vote Up 0 Vote Down

Cancel
0 Agile over 12 years ago

I'm glad that addition to the kba was useful for you :)
For web cache items, it's usually just as easy to disable on-access scanning, clear your web cache from within the browser's preferences and then re-enable on-access scanning.
The detection will re-appear the next time you visit the site with the malicious iFrame redirect.
:1010262
Cancel
Vote Up 0 Vote Down

Cancel