Posted: February 22, 2012

Mal/ExpJS-AA Description

Mal/ExpJS-AA is a malicious file that's crafted explicitly to take advantage of JavaScript exploits while Mal/ExpJS-AA attacks your PC. Although Mal/ExpJS-AA can be installed from most sources that distribute PC threats, malware researchers note that Mal/ExpJS-AA's most visible attacks have involved spam e-mail links. These links use redirect-based exploits to force you to download other PC threats, such as Mal/ExpJS-AA, which can create serious security vulnerabilities for your computer. Being careful around unusual file attachments or links from strange e-mail messages should be your first defense against Mal/ExpJS-AA, although your second defense should always be readiness to remove Mal/ExpJS-AA with a qualified brand of anti-malware scanner.

Denying a Mal/ExpJS-AA E-mail the Opportunity to Harm Your PC

Recent Mal/ExpJS-AA attacks can be identified as fake e-mail messages that pose as changelog updates (a record of changes made to a project over one or multiple updates; for example, patch notes for software). Mal/ExpJS-AA spam is, so far, limited to brief and unconvincing messages such as the example below, although other variants may also be used in the future:

Subject: Re: Your Changelog

Message body:
Good day,
as promised chnglog attached (Open with Internet Explorer)

Even though Mal/ExpJS-AA was first identified by many PC security companies in 2011, these attacks have been reported in 2012. malware experts advise you to delete any e-mail that resembles the above example, since Mal/ExpJS-AA and other PC threats that are included in the same delivery method will be unable to infect your PC as long as you don't interact with the included file attachment. Standard precautions against JavaScript exploits, such as keeping JavaScript up-to-date, disabling it selectively or even keeping JavaScript uninstalled may also help to protect your computer from Mal/ExpJS-AA.

Threats to Watch for in a Redirect That Lands You in a Mal/ExpJS-AA Trap

If you do make the miscalculation of trusting the above e-mail message's attachment (which may be detected by the name Mal/Iframe-W, your browser will be redirected to a malicious site along with the following message:

You are redirecting
Loading... Wait please...

Mal/ExpJS-AA and a second PC threat, the Trojan Troj/PDFEx-ET, will proceed to attack your PC and should be removed with suitable anti-malware programs. Afterwards, they may install other malicious software, steal personal information or attack your computer’s security features. Symptoms of these PC threats, including Mal/ExpJS-AA, are not considered to be very visible, and malware experts caution that warnings from appropriate anti-malware products may be your only clue to the presence of Mal/ExpJS-AA or its Trojan companion.

In addition to its dependency on the prerequisite JavaScript package to exploit, Mal/ExpJS-AA is also noted as a Windows-specific PC threat, along with Troj/PDFEx-ET. Non-Windows operating systems such as Mac and Linux should be considered safe from any Mal/ExpJS-AA attacks.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Mal/ExpJS-AA may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.