Skip to content
1-888-762-8736(M-F 8:00am-5:00pm CST)
1-877-218-7353(M-F 8:00am-5:00pm CST)
href="http://www.trendmicro.com/us/enterprise/index.html" id="ENT-overview-test2" title="SEE ALL ENTERPRISE SOLUTIONS">Enterprise Overview
This Trojan executes when a user accesses certain websites where it is hosted.
This Trojan gathers the following data:
This Trojan sends the gathered information via HTTP POST to the following URL:
This Trojan is hosted on the following website:
It checks for the following running Anti-virus related processes:
It reports if any of these applications are installed.
It attempts to terminate Bitdefender 2012 if netdefender/hui/ndhui.js is found on the webpage.
It loads the following URL:
Before doing any scans, Windows XP, Windows Vista, and Windows 7 users must disable System Restore to allow full scanning of their computers.
Close all opened browser windows
Scan your computer with your Trend Micro product to delete files detected as JS_KILLAV.AA. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Connect with us on
| | | |