Troj/JSRedir-EF
Posted: March 29, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 2/10 |
---|---|
Infected PCs: | 98 |
First Seen: | March 29, 2012 |
---|---|
OS(es) Affected: | Windows |
Troj/JSRedir-EF is a malicious IFrame element that's used to force your web browser to load hostile sites, usually for the purpose of automatically installing PC threats through browser-based vulnerabilities. Since Troj/JSRedir-EF attacks have been observed to piggyback off of third-party advertisements by OpenX, SpywareRemove.com malware experts recommend that you be wary about enabling OpenX advertisements indiscriminately, which may lead the way to a Troj/JSRedir-EF-assisted infection in short order. Since Troj/JSRedir-EF requires the availability of JavaScript to complete its attack, disabling Java for sites that use OpenX advertisements can be considered an effective way of protecting your PC. If your computer has been exposed to a Troj/JSRedir-EF attack that hasn't been blocked, you should use suitable anti-malware software to analyze and remove any Troj/JSRedir-EF-delivered PC threats. The end consequences of a Troj/JSRedir-EF attack can vary since Troj/JSRedir-EF can be used to redirect victims to multiple types of harmful websites.
Troj/JSRedir-EF – a First Step on the Way to a Dangerous Landing Page
Troj/JSRedir-EF is never a single threat by itself, but rather, is used to conduct attacks against your PC along with other malicious IFrame elements and HTML pages. Typical exposure to Troj/JSRedir-EF involves the display of a third-party advertisement that's hosted from OpenX servers. Troj/JSRedir-EF will fail to load if you have JavaScript disabled, and anti-malware applications can also block Troj/JSRedir-EF if they're able to detect ongoing attacks. Once Troj/JSRedir-EF has loaded, Troj/JSRedir-EF will load a second IFrame element by the BlackAdvertsPro group that, in turn, loads an exploit site. The structure of this attack is indicative of BlackAdertsPro most likely selling access to Troj/JSRedir-EF redirects to promote a range of harmful sites, particularly since a second attack on the same computer (as determined by identifying your IP address) will cause you to be redirected to a harmless site instead of the original one.
The exploit site in question may be detected as Mal/ExpJS-AF. Once Troj/JSRedir-EF has finished its work, it's up to the website to complete the attack, which usually consists of installing malicious software without your consent. Since this can take place without visible evidence of it occurring, SpywareRemove.com malware analysts note the usefulness of having security software to detect and prevent Troj/JSRedir-EF-related download attacks from infecting your computer. Using tough browser security settings should also be considered a critical preventative measure.
How to Get Your PC Back from a Troj/JSRedir-EF-Induced Trip to Hostile Territory
Since Troj/JSRedir-EF redirects can be exploited to attack your PC in any fashion that can be hosted on an unsavory website, it's recommended that you respond to Troj/JSRedir-EF attacks with the assumption that your PC may be infected. Accordingly, a complete scan of your PC, preferably done from the secure confines of Safe Mode, will allow you to detect and remove any PC threats that a Troj/JSRedir-EF-affiliated site may have installed. Some issues that may occur as a result of Troj/JSRedir-EF attacks can include:
- Exposure to fake warning messages and other forms of fraudulent security information that are often used to promote scamware.
- Exposure to phishing sites that use false pretenses to steal personal information. Common targets of phishing attacks include account passwords and e-mail addresses.
- The presence of such PC threats as backdoor Trojans, worms, rogue anti-virus programs or other malicious programs that are installed without your consent.
Along with its other limitations, SpywareRemove.com malware analysts have found that Troj/JSRedir-EF is only able to attack Windows computers, although its attack isn't browser-specific (as long as your web browser supports Java).
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.