
Troj/FlsplyBD-A

By Sumo3000 in Backdoors

The Troj/FlsplyBD-A Trojan (which also goes by the name of Trojan-Downloader.Win32.Agent.ujhb) is a backdoor Trojan. That is, Troj/FlsplyBD-A establishes an opening in the infected computer's security which allows a criminal to access it, much like an unguarded back door allows robbers to enter a building. Troj/FlsplyBD-A is usually installed by way of several JavaScript exploits, which install a Trojan downloader that varies depending on the infected computer system's operating system. Troj/FlsplyBD-A spies on the infected computer's activities and creates files with misleading names (e.g., adobeup.exe) to hide itself and its activities. It also allows criminals to take over the infected computer system, gaining full access and the capacity to control the victim's computer system from a remote location. If you suspect that you have been exposed to Troj/FlsplyBD-A, ESG security analysts advise the use of a dependable anti-malware program to scan your hard drives thoroughly.

An Overview of Troj/FlsplyBD-A Attack

Troj/FlsplyBD-A attacks computer systems running the Windows operating system. While the JavaScript exploits that lead to this infection can also target the Mac OS X and Linux operating systems, the backdoor Trojan installed differs for these operating systems. Troj/FlsplyBD-A does not display obvious symptoms, since it is much more effective at its task if it can remain undetected on the victim's computer system. An overview of the hostile actions that Troj/FlsplyBD-A takes includes the following:

  • Troj/FlsplyBD-A will place an executable file on the victim's computer, disguised as an update for Adobe software and named adobeup.exe. Troj/FlsplyBD-A makes changes to the Windows registry so that this executable file is loaded automatically as soon as Windows starts up, allowing Troj/FlsplyBD-A to run automatically in the background.
  • Troj/FlsplyBD-A can gather information on the infected computer system, in particular with regard to its security updates and status in order to make its attacks more effective.
  • Troj/FlsplyBD-A can also connect to a remote server and download and install other malware. Examples of malware that Troj/FlsplyBD-A has downloaded include spyware, rogue security software, and keylogger Trojans.
  • Troj/FlsplyBD-A attempts to evade removal by interfering with known security software and preventing removal of its files and file processes through normal methods.

Since Valentine's Day of 2012, Windows and Linux-based computer systems have been protected against the JavaScript exploit that allows criminals to install Troj/FlsplyBD-A. The security update that protects the Mac OS X operating system was released in mid-April, making computer systems with a version of Mac OS X previous to 10.6 vulnerable to this attack.

File System Details

Troj/FlsplyBD-A may create the following file(s):
# File Name Detections
1. C:\Documents and Settings\\Start Menu\Programs\Startup\adobeup.exe
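
The file name and Startup folder listed above can be checked against a collected autostart inventory. The following is an added example, not part of the original entry: the inventory format, the host names, and every sample entry are constructed, and treating Run-key value data as a command line is an assumption.

```python
import ntpath
import re

INDICATOR_NAME = "adobeup.exe"                       # file name reported in this entry
STARTUP_MARKER = "\\start menu\\programs\\startup\\"  # folder reported in this entry

# Constructed sample inventory (not real telemetry). "command" is either the
# full path of a Startup-folder item or the data of an autorun registry value.
SAMPLE_ENTRIES = [
    {"host": "ws-01",
     "command": r"C:\Documents and Settings\alice\Start Menu\Programs\Startup\adobeup.exe"},
    {"host": "ws-02",
     "command": r'"C:\Users\bob\AppData\Roaming\AdobeUp.EXE" /background'},
    {"host": "ws-03",
     "command": r"C:\Program Files\Vendor Tools\updater.exe -q"},
    {"host": "ws-04",
     "command": r"C:\Tools\not-adobeup.exe.bak"},
]

def executable_of(command):
    """Return the executable path from an autostart command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    # Unquoted paths may contain spaces: cut at the first ".exe" ending a token.
    m = re.match(r"(.+?\.exe)(?=\s|$)", command, re.IGNORECASE)
    return m.group(1) if m else (command.split() or [""])[0]

def triage(entries):
    """Return (host, verdict, path) for entries whose file name matches."""
    hits = []
    for entry in entries:
        exe = executable_of(entry["command"])
        # ntpath parses Windows paths correctly on any analysis host.
        if ntpath.basename(exe).lower() != INDICATOR_NAME:
            continue
        in_startup = STARTUP_MARKER in exe.lower()
        verdict = "name+startup-folder" if in_startup else "name-only"
        hits.append((entry["host"], verdict, exe))
    return hits

if __name__ == "__main__":
    for hit in triage(SAMPLE_ENTRIES):
        print(*hit, sep="\t")
```

A file name match is a lead for further examination of the file rather than a confirmed detection, since a name can be reused by unrelated software.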
