Follow:

 

Trojan:JS/Redirector


Microsoft security software detects and removes this threat.

The threat is a piece of JavaScript code that is inserted on bad or hacked websites. It can direct your browser to a website you don't want to go to.

You might see the detection for this threat if you visit a bad or hacked website, or if you open an email message.

Find out ways that malware can get on your PC.  



What to do now

The following free Microsoft software detects and removes this threat:

Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Threat behavior

This JavaScript trojan may be present on a malicious website, and may redirect you to a website you weren't expecting to go to.

The trojan might also appear in HTML email messages.

We have seen the trojan try to redirect websites to the following:

  • mcfnmhumpnf.com
  • fgytogmtwe.com
  • chrisbecfiis.com

Files detected as Trojan:JS/Redirector are usually obfuscated.

Analysis by Francis Allan Tan Seng


Symptoms

Alerts from your security software may be the only symptom.


Prevention


Alert level: Severe
First detected by definition: 1.49.724.0
Latest detected by definition: 1.117.2303.0 and higher
First detected on: Dec 18, 2008
This entry was first published on: Jan 05, 2010
This entry was updated on: Aug 12, 2014

This threat is also detected as:
  • Trojan.JS.Redirector (Ikarus)
  • Packed.JS.Agent.bp (Kaspersky)