5 Replies Latest reply: Apr 21, 2010 2:48 AM by Allan Sampson
neonorm Level 1 (0 points)
When I connect my iPhone to my PC and sync it with iTunes installed on my PC, my PC anti-virus software's auto-protect quarantines a virus called 'Suspicious.AD'. I deleted that virus using the anti-virus software, and yet when I disconnect and re-connect the iPhone again for syncing, the same virus appears again and is quarantined. It has happened many times and only happens when I connect my iPhone. I am not sure how to get rid of this, as I believe it is coming through my iPhone. Prior to this, I downloaded a free application from the Apple store and my phone hung and I could not even switch it off. After 10 mins or so, I managed to switch it off to reset the system. Then this 'virus' thing happened. Can anyone advise? Thanks so much for the help!

iPhone 3Gs, Windows Vista
  • 1. Re: Virus - Suspicious.AD
    Allan Sampson Level 10 (123,340 points)
    Unless you have jailbroken/hacked your iPhone, nothing can be installed on an iPhone from a received email, from a website, or from a received MMS except for a photo which must be done manually, and I haven't read any reports about malware being included with a JPEG file.
  • 2. Re: Virus - Suspicious.AD
    neonorm Level 1 (0 points)
    Thanks for your quick reply. But this is a new iPhone and I'm a new iPhone user. I have no idea how to jailbreak the system at all. All I did so far is to install some free apps to get my iPhone going first. It is strange to see this happening.
  • 3. Re: Virus - Suspicious.AD
    jinx.pt Level 1 (40 points)
    "Suspicious.AD is a highly sensitive detection technology designed to detect new malware threats without utilizing the traditional signatures. Files detected as Suspicious.AD indicates that it has suspicious characteristics and may contain an unknown threat.
    Damage Level: Low
    Systems Affected: Windows"

    Maybe you got a virus on an image you downloaded from somewhere and inserted on your iPhone's photo roll?

    Anyways, it will 'only' affect Windows. I somehow doubt your anti-virus can quarantine the files inside the iPhone, so that's why you get repeated quarantines. Furthermore, from the text above, it is only a probability of being a virus; it may or may not be one.

    Anyways, what exactly are you using to sync, and did you buy the iPhone from a reliable source? If it is jailbroken, there could be other issues...
  • 4. Re: Virus - Suspicious.AD
    Allan Sampson Level 10 (123,340 points)
    "Maybe you got a virus on an image you downloaded from somewhere and inserted on your iPhone's photo roll?"

    I've never read any reports about malware or a Windows virus being included with a JPEG or image type file. Can you provide any links that support malware or a Windows virus being included with such a file?
  • 5. Re: Virus - Suspicious.AD
    jinx.pt Level 1 (40 points)
    Yeah, you're right, I don't think it can actually have a virus; they are actually .exe files, and only Windows can be 'tricked' into confusing an .exe as a JPEG. My mistake there. I don't see how the iPhone would be duped like that.

    So maybe it's just the anti-virus looking at a file, and thinking there might be a virus.

    What anti-virus is the OP using?

    edit: regarding jpeg viruses:
    http://www.secureworks.com/research/threats/jpegvirus/
    Didn't quite understand if that report had something to do with duping Windows to think it was a JPEG file, or if it was really a JPEG that took advantage of some vulnerability when reading the file (hovering with the mouse accesses at least the metadata).

    edit2: also, Sophos has previously shown you can have JPEGs that execute code, but you'd first have to have 'installed' a virus (.exe file) that will then run the code present in the JPEG file. So you'd have to be infected first. Maybe he has such an image? (speculating is fun!)
    http://www.sophos.com/pressoffice/news/articles/2002/06/va_perrun.html

    Message was edited by: jinx.pt