My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Trojan.JS.QAF

MEDIUM
MEDIUM
aprox 800 bytes
(TR/Agent.axe.6, JS:Illredir-A, Trojan.Iframe-14, JS/Redirector.c, Trojan:JS/Redirector.BF, Troj/JSRedir-AK)

Symptoms

The Trojan written in JavaScript starts with the comment "/*GNU GPL*/" .

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Daniel Chipiristeanu, virus researcher

Technical Description:

The Trojan is a special written JavaScript, designed in a cryptic way in order to avoid detection or to make the code harder to be read.

 

When browsing, the user gets redirected to an infected website. The encrypted script creates an "IFrame" which redirects to " http://google-cn.msn.ca.shoplocal-com.[removed].ru:8080/interia.pl/interia.pl/google.com/empflix.com/debonairblog.com/. "