Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 8 subscribers
  • Views 26497 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do I remove Troj/JSRedir-RX on my Mac OS X El Capitan?

EmilyVartanian

I got an alert from Sophos Home that I would need to do it manually but the "how to" directions are pointing me to functions I don't have! Please help!



This thread was automatically locked due to age.
Parents
  • 0

    Hi Emily,

    Sorry for the late reply. A Troj/JSRedir-RX detection is for a malicious bit of JavaScript which you will have seen while browsing the internet, the malicious code will be on the website you visited not on your machine so in that respect their is nothing for you to remove.

    I suggest clearing the alert and then doing a full scan, if nothing comes back then it confirms the above. If you do get another detection just try rebooting then seeing if auto cleanup occurs.

    For reference if we hadn't blocked that what would of most likely happened is your browser would of been secretly redirected to a malicious server which would of attempted to install malware on your machine. 

  • 0 in reply to PeterM

    I have this problem too. Sophos first identified two incidences of Troj/JSRedir-RX in my Safari cache, which I removed manually. I could not delete the notifications from the Quarantine Manager list though. To be on the safe side, I ran a scan of my whole disk again, and now Quarantine manager sees the files on my drive at /.MobileBackups/Computer/2016-08-12 (which is an invisible directory)

    So the files are definitely on my drive, not on the net.

    Peter

  • 0 in reply to PeterMiller1

    Hi Peter,

    The files you detected in /.MobileBackups/Computer/2016-08-12 will most likely also be cached internet files that contain the malicious javascript. Just to put your mind at ease unless you are running these files manually they wont be doing any harm to your machine. 

    You said they were detected after a scan, what cleanup options do you have in the quarantine for these?

Reply
  • 0 in reply to PeterMiller1

    Hi Peter,

    The files you detected in /.MobileBackups/Computer/2016-08-12 will most likely also be cached internet files that contain the malicious javascript. Just to put your mind at ease unless you are running these files manually they wont be doing any harm to your machine. 

    You said they were detected after a scan, what cleanup options do you have in the quarantine for these?

Children
No Data
Unfiltered HTML