Showing results for 
Search instead for 
Do you mean 
Reply
Regular Visitor
shipwright
Posts: 3
Registered: ‎12-26-2011
0
Accepted Solution

Can't remove Mal/Iframe-F from Macintosh running 10.5.8

Please excuse me if this has been discussed before, but I seem to be unable to identify or remove the source of a Mal/Iframe-F virus that has infected by iMac that is running OS 10.5.8.

 

I regularly receive the same set of messages concerning an infected .mp3, .ppt, files, which appears briefly when I open the Quarantine Manager.  I am also running ClamXav which is instructed to delete all infected files (they are moved to my trashbin; all files show 0 bits in trash).  ClamXav is also identifying a large number of infected Apple Mail files and moving them to the trash bin. 

 

Once I have opened the Quarantine window in SOPHOS, the items listed disappear (this may be due to what ClamXav is doing).  I would like to end this virus, but would like some stepwise advice on what I should do to eradicate the source problem.  Any help would be greatly appreciated.

 

 

Employee
Agile
Posts: 1,195
Registered: ‎11-02-2010
0

Re: Can't remove Mal/Iframe-F from Macintosh running 10.5.8

You are likely experiencing one of the symptoms of having multiple AV solutions installed at the same time... however, Mal/iFrame-F is generally found in web pages, not email attachments.  Likely you are continually visiting a site that contains a hidden malicious iFrame, and the html is cached in your web cache.  When the cache clears, the infection vanishes from quarantine.  The next time you load the page, the infection is re-cached, causing a new detection.

-
Andrew
Threat Researcher
SophosLabs


For our other self-service and peer-to-peer online support systems:


Regular Visitor
shipwright
Posts: 3
Registered: ‎12-26-2011
0

Re: Can't remove Mal/Iframe-F from Macintosh running 10.5.8


Agile wrote:

You are likely experiencing one of the symptoms of having multiple AV solutions installed at the same time... however, Mal/iFrame-F is generally found in web pages, not email attachments.  Likely you are continually visiting a site that contains a hidden malicious iFrame, and the html is cached in your web cache.  When the cache clears, the infection vanishes from quarantine.  The next time you load the page, the infection is re-cached, causing a new detection.


Fingers crossed, I have deleted the cache and rebooted.  Hoping to see what happens - I am indeed running multiple AV systems (Sophos, ClamXav, NortonAV, iAntiVirus).  This recent problem caused what is perhaps an overreaction on my part, having been formerly assured that my iMac was safe from most viruses and malware.  If the tell-tale avalanche of zero byte email message files does not reappear in my trash bin, then I will hope this settles things.  Thank you for the advice, in any case.

Regular Visitor
shipwright
Posts: 3
Registered: ‎12-26-2011
0

Re: Can't remove Mal/Iframe-F from Macintosh running 10.5.8

It worked!  Thank you for your help!