Published Jan 11, 2012 | Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: Trojan-Downloader.JS.Iframe.crr (Kaspersky) JS/Obfuscator.V (Norman) JS/Obfuscated.ZX (Avira) Trojan.Downloader.JS.QH (BitDefender) Trojan.JS.Blacole (Ikarus) JS/Exploit-Blacole.l (McAfee)


Trojan:JS/BlacoleRef.V is a malicious JavaScript that is used by an exploit kit known as "Blackhole". If the script is run within a vulnerable computer environment, it could lead to the download and execution of arbitrary files.

For more information about the Blackhole exploit kit, please see the description for "Blacole" elsewhere in the encyclopedia.

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

For more information on antivirus software, see

Follow us