![]() Unfortunately I purged all of these cache files before I could send them for analysis. I would be surprised if they were other than Windows exploits.Ĭlick to expand.Thanks very much for the information Rmus! Once again you prove an exceptional source of knowledge on these forums. If the deleted pages are still in your Trash, you can retrieve them, Zip them, and send them to McAfee or other vendor for analysis. In your case, these page were quarantined, which, I assume, means they could not execute any code, even if a MAC OS or application vulnerability were present. The usual payload is a trojan executable that is downloaded to the victim's machine, as shown in the McAfee example. js with different malicious codes inside. Opera's cache files no longer include file extensions, but the ones you found are probably. If there are no exploitable vulnerabilities, the pages just sit in the cache and do nothing. I have an OK handle on my Windows machine, but OS X security is still new to me.Ĭlick to expand.The cached pages have exploit code targeting various Windows, Internet Explorer, and other application vulnerabilities, as shown above. Are there any other steps I ought to take to ensure this problem is taken care of? Is there any lingering risk after purging the quarantined files? Any advice would be appreciated. I accepted that answer at first, but the more I think on it, the more I realize that iFrame attacks should be platform independent.Ī full scan with ClamXAV turned up clean. ![]() This is a Windows virus and cannot infect your Mac". I asked around on a few other forums - The answer I received was that "Exploit.iFrame is a trojan that can be attached to web pages or to an email. I deleted them all, though before that I submitted to VirusTotal. The files it found and quarantined (opr0TRGU, opr0TRLF, opr0TRMB, opr0TRMH) were found in the /Library/Caches/Opera/cache/ directory. I was browsing some familiar and trusted websites (in Opera 10.1, javascript whitelisted only for trusted sites, via site preferences) when ClamXAV came back with a quarantine warning for: Exploit.Iframe-1 I should say that I run ClamXAV on my OS X box, mainly because I find most other security solutions for OS X rather expensive. I have a quick question regarding something that came up with my OS X (10.6.2) machine this morning.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |