Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 6 subscribers
  • Views 1655 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What is Mal/JSRedir-F

934
After scan I got rid of Mal/JSRedir-F but I can't find out what it is? Could some tell me what it is? can't find out how serious it is? what it did to my computer? How did i get it? what did it do all my info/log ins/passwords etc? Please explain. Thanks in advance
:1005631


This thread was automatically locked due to age.
  • 0
    Cs wrote:
    After scan I got rid of Mal/JSRedir-F but I can't find out what it is? Could some tell me what it is? can't find out how serious it is? what it did to my computer? How did i get it? what did it do all my info/log ins/passwords etc? Please explain. Thanks in advance


    Mal/JSRedir-F is detected on web pages -- it detects javascripts embedded in web pages that are designed to redirect you to a known malicious website.  In itself it is not serious, but the websites you are redirected to are usually designed to install malware on computers through whatever means possible.  Luckily, only a few of them target OS X.

    Sophos has an entire family of detections named JSRedir, and they all detect specific kinds of Javascript redirection techniques found on web pages.  If the content was cached before it ran in your browser, SAV will prevent you from being redirected.  If it instead loads into memory first and then gets cached, you've likely already been redirected to a new web page in your browser.

    You likely got it by clicking on the wrong search result in your search engine.

    :1005653
  • 0

    Interestingly, Mal/JSRedir-F just got flagged up via the automated systems today -- it was first seen in July 2011, has been detected on over 1400 of our customer's systems, and has had almost 4,000 hits.  After being dormant for a while, reports spiked on the 25th, and it is currently running as one of our top 100 detections reported.

    :1005655
  • 0
    Thank you for answering my question. I still don't know what it did to my computer before it was found--after I download sophos. I cleared out cache. Should I do anything else. Should I change passwords? Or is it gone and I shouldn't worry or call my bank etc .just how serious is this? Is it a worm or trojan etc?
    :1005669
  • 0

    As I stated previously, it's a malicious piece of script added to web pages to redirect you to attack sites.  As it was detected, you didn't go to the attack site, so it never succeeded in dropping malware on your computer.

    :1005675