Troj/JSRedir-EX
Posted: February 3, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 2/10 |
|---|---|
| Infected PCs: | 92 |
| First Seen: | February 3, 2012 |
|---|---|
| OS(es) Affected: | Windows |
Troj/JSRedir-EX is a Trojan that's propagated by mass-mailed (or 'spam') e-mail. The delivery mechanism for Troj/JSRedir-EX is partially but incompletely loaded in certain brands of e-mail clients, and, as of the time of this writing, Troj/JSRedir-EX must be manually downloaded and launched before Troj/JSRedir-EX can harm your PC (despite reports to the contrary by some sources). Because many companies have only developed protection against Troj/JSRedir-EX as of February 1st 2012, SpywareRemove.com malware experts stress the necessity of maintaining your anti-malware applications updated so that Troj/JSRedir-EX and related PC threats can be identified before installation or removed after it. Spam e-mail that contain Troj/JSRedir-EX may pose in the form official messages from insurance companies or banking institutions, and you should take care to avoid downloading file attachments from a source that hasn't been confirmed to be what it says it is.
Troj/JSRedir-EX – Riding a Wave of Panic Over Drive-by-Downloads
Like other types of PC threats that propagate as e-mail file attachments, Troj/JSRedir-EX requires you to open its attachment before Troj/JSRedir-EX can attack your PC, but some sources have also inaccurately reported that Troj/JSRedir-EX can load whenever the e-mail itself is opened. So far, this behavior hasn't been able to be duplicated by outside sources, and SpywareRemove.com malware researchers consider it likely to be a case of confusion with the capabilities of e-mail clients that display embedded HTML content by default. Troj/JSRedir-EX has been known to be distributed as a fake account suspension notice by FDIC (the Federal Deposit Insurance Corporation), using the header 'Banking Security Update' and misrepresenting the sender's address as being from FDIC.
However, e-mail clients with poor security or that are unpatched may be additionally vulnerable to this method of Troj/JSRedir-EX distribution, and, as always, SpywareRemove.com malware experts warn you to keep your software updated to minimize any possibility of exploits that use patched security flaws. Related PC threats that may also be distributed with Troj/JSRedir-EX or assist with its installation include both malicious Flash content (Troj/SWFExp-AI) and malicious PDF files (Troj/PDFJS-UL and Troj/PDFEx-ET).
If It's Too Late to Avoid That Troj/JSRedir-EX E-mail
If you've opened Troj/JSRedir-EX's file attachment, your PC has become infected by multiple Trojans – unless, of course, you're using a non-Windows operating system, since Troj/JSRedir-EX and the other PC threats noted earlier are all specific to the Windows platform. Troj/JSRedir-EX has been noted to make contact with remote servers, and even though some of its previous websites have since been shut down, Troj/JSRedir-EX may still use other websites to download additional PC threats or to serve as repositories for personal information that Troj/JSRedir-EX steals from your PC.
Due to the multiple types of harmful software that are likely to be present on any computer that's also playing host to Troj/JSRedir-EX, SpywareRemove.com malware experts recommend that you scan your entire PC whenever you suspect Troj/JSRedir-EX's presence. Symptoms of Troj/JSRedir-EX's attacks can vary with its instructions and may not be present at all. Assuming that Troj/JSRedir-EX has attacked your computer after you've opened any type of suspicious file attachment, especially from fraudulent FDIC sources, can be considered to be the wisest course of action.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.