Trojan.JS.Agent.GLM
Posted: September 13, 2012
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 1,290 |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 138,791 |
| First Seen: | September 13, 2012 |
|---|---|
| Last Seen: | October 17, 2023 |
| OS(es) Affected: | Windows |
Trojan.JS.Agent.GLM is a Trojan that can avoid detection from security applications and infect targeted PCs by exploiting security vulnerabilities. Trojan.JS.Agent.GLM strives to find vulnerabilities and exploit them in an attempt to download and install additional malware threats. Once installed on a compromised machine, Trojan.JS.Agent.GLM will take over system resources and make your computer's performance slow and unstable. Trojan.JS.Agent.GLM can also trace your Internet habits to record and/or steal your confidential information and then relay it to remote attackers.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\documento_Img_1605084528631008.js
File name: documento_Img_1605084528631008.jsSize: 90.64 KB (90648 bytes)
MD5: 71cdff4f76bc7dba271370d0276ae480
Detection count: 110
File type: JavaScript file
Mime Type: unknown/js
Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: July 16, 2020
file.js
File name: file.jsSize: 752.6 KB (752603 bytes)
MD5: 5a3d6949c416df6ff12a5e9bfe9816c0
Detection count: 92
File type: JavaScript file
Mime Type: unknown/js
Group: Malware file
c:\Users\<username>\appdata\roaming\vncckgk\xfkhcyyii.js
File name: xfkhcyyii.jsSize: 44.58 KB (44589 bytes)
MD5: 4d632f12b148800eeeb2bdd9eaba9a98
Detection count: 44
File type: JavaScript file
Mime Type: unknown/js
Path: c:\Users\<username>\appdata\roaming\vncckgk
Group: Malware file
Last Updated: August 5, 2020
%SYSTEMDRIVE%\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\urqaRBZIjY.js
File name: urqaRBZIjY.jsSize: 8.57 KB (8572 bytes)
MD5: 1b4f3567336837d2928f335d37e98b61
Detection count: 37
File type: JavaScript file
Mime Type: unknown/js
Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\urqaRBZIjY.js
Group: Malware file
Last Updated: July 16, 2020
C:\Users\<username>\AppData\Roaming\tmp2E.tmp.js
File name: tmp2E.tmp.jsSize: 131.07 KB (131072 bytes)
MD5: ac50459604801285547d61c2f03865e3
Detection count: 35
File type: JavaScript file
Mime Type: unknown/js
Path: C:\Users\<username>\AppData\Roaming
Group: Malware file
Last Updated: May 2, 2022
%SYSTEMDRIVE%\Users\<username>\appdata\roaming\qgial\odciithy.js
File name: odciithy.jsSize: 44.72 KB (44722 bytes)
MD5: 9900c921249d899a3cb13c8bd9806839
Detection count: 28
File type: JavaScript file
Mime Type: unknown/js
Path: %SYSTEMDRIVE%\Users\<username>\appdata\roaming\qgial\odciithy.js
Group: Malware file
Last Updated: October 5, 2021
C:\Users\<username>\AppData\Roaming\LfutufXylK.js
File name: LfutufXylK.jsSize: 92.93 KB (92936 bytes)
MD5: 82eb620313e374ffc8597028ed3a6c61
Detection count: 26
File type: JavaScript file
Mime Type: unknown/js
Path: C:\Users\<username>\AppData\Roaming
Group: Malware file
Last Updated: August 5, 2020
c:\Users\<username>\appdata\roaming\bpvxuky\dumnvdydb.js
File name: dumnvdydb.jsSize: 44.71 KB (44718 bytes)
MD5: 3b2f10d7eb1d996ffcd48169310ac990
Detection count: 16
File type: JavaScript file
Mime Type: unknown/js
Path: c:\Users\<username>\appdata\roaming\bpvxuky
Group: Malware file
Last Updated: August 5, 2020
c:\Users\<username>\appdata\roaming\njoyee\lvrhauvu.js
File name: lvrhauvu.jsSize: 140.37 KB (140377 bytes)
MD5: d29d9a58d6bdea4230e2cdfad1793e12
Detection count: 16
File type: JavaScript file
Mime Type: unknown/js
Path: c:\Users\<username>\appdata\roaming\njoyee
Group: Malware file
Last Updated: January 24, 2022
%SYSTEMDRIVE%\Users\<username>\appdata\roaming\knwpqpfb\iatimi.js
File name: iatimi.jsSize: 89.08 KB (89084 bytes)
MD5: b9d2e0402fbcc9d92ad7e6f3bf953eb8
Detection count: 14
File type: JavaScript file
Mime Type: unknown/js
Path: %SYSTEMDRIVE%\Users\<username>\appdata\roaming\knwpqpfb
Group: Malware file
Last Updated: August 25, 2022
c:\Users\<username>\appdata\roaming\kdsgdilf\iipfjy.js
File name: iipfjy.jsSize: 140.32 KB (140325 bytes)
MD5: dd4edc0a940df56e697581eebff45693
Detection count: 12
File type: JavaScript file
Mime Type: unknown/js
Path: c:\Users\<username>\appdata\roaming\kdsgdilf
Group: Malware file
Last Updated: August 5, 2020
c:\Users\<username>\appdata\roaming\ucxvfgt\sthhc.js
File name: sthhc.jsSize: 45.09 KB (45090 bytes)
MD5: 9d6023624349d133b142caca44dd67e8
Detection count: 9
File type: JavaScript file
Mime Type: unknown/js
Path: c:\Users\<username>\appdata\roaming\ucxvfgt
Group: Malware file
Last Updated: August 5, 2020
c:\Users\<username>\appdata\roaming\jieio\hidfplb.js
File name: hidfplb.jsSize: 44.58 KB (44589 bytes)
MD5: e37d545c1ff2d48f1623282a12afa557
Detection count: 9
File type: JavaScript file
Mime Type: unknown/js
Path: c:\Users\<username>\appdata\roaming\jieio
Group: Malware file
Last Updated: August 5, 2020
%ALLUSERSPROFILE%\FJPsSU.js
File name: FJPsSU.jsSize: 19.27 KB (19272 bytes)
MD5: 95eca872981f9f7d839fc19293a6d4c0
Detection count: 7
File type: JavaScript file
Mime Type: unknown/js
Path: %ALLUSERSPROFILE%\FJPsSU.js
Group: Malware file
Last Updated: August 3, 2020
%SYSTEMDRIVE%\Users\<username>\appdata\roaming\microsoft\windows\start menu\programs\startup\lcownavaaf.js
File name: lcownavaaf.jsSize: 120 KB (120008 bytes)
MD5: 5f548f40d07c4fa8c57fb10821b22bf6
Detection count: 7
File type: JavaScript file
Mime Type: unknown/js
Path: %SYSTEMDRIVE%\Users\<username>\appdata\roaming\microsoft\windows\start menu\programs\startup
Group: Malware file
Last Updated: July 16, 2020
c:\Users\<username>\appdata\roaming\mbklr\ojsqqdwt.js
File name: ojsqqdwt.jsSize: 43.2 KB (43205 bytes)
MD5: f38103c77d8f39716a32a477d26c3313
Detection count: 7
File type: JavaScript file
Mime Type: unknown/js
Path: c:\Users\<username>\appdata\roaming\mbklr
Group: Malware file
Last Updated: August 5, 2020
c:\Users\<username>\appdata\roaming\jdqrtfhhx\lumdwht.js
File name: lumdwht.jsSize: 44.64 KB (44644 bytes)
MD5: eecd0d33e2307fa0f55a744bd5d4d32e
Detection count: 5
File type: JavaScript file
Mime Type: unknown/js
Path: c:\Users\<username>\appdata\roaming\jdqrtfhhx
Group: Malware file
Last Updated: August 5, 2020
C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qDjMhpyUNqpugmQpPkiWeoHiWNnVXN.js
File name: qDjMhpyUNqpugmQpPkiWeoHiWNnVXN.jsSize: 367B (367 bytes)
MD5: 2837b741a9d7ce1c3a1313503b9bbc42
Detection count: 5
File type: JavaScript file
Mime Type: unknown/js
Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: July 16, 2020
C:\Users\<username>\AppData\Roaming\IAStorUI.js
File name: IAStorUI.jsSize: 163.33 KB (163338 bytes)
MD5: 88cc4e72704cb0aad344a9d5ed10cb8e
Detection count: 5
File type: JavaScript file
Mime Type: unknown/js
Path: C:\Users\<username>\AppData\Roaming
Group: Malware file
Last Updated: August 5, 2020
More files
Registry Modifications
The following newly produced Registry Values are:
Regexp file mask%allusersprofile%\[RANDOM CHARACTERS].js%appdata%\[RANDOM CHARACTERS].js%appdata%\[RANDOM CHARACTERS].jse%APPDATA%\DSAdaDSDA.js%appdata%\microsoft\windows\start menu\programs\startup\[NUMBERS].js%appdata%\microsoft\windows\start menu\programs\startup\[RANDOM CHARACTERS].js%appdata%\microsoft\windows\start menu\programs\startup\[RANDOM CHARACTERS].jse%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Flash Player 11.js%appdata%\microsoft\windows\start menu\programs\startup\chrome.js%appdata%\microsoft\windows\start menu\programs\startup\extract.js%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\inv.js%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\temp[RANDOM CHARACTERS].js%APPDATA%\microsoft\windowsindexingservice.js%localappdata%\[RANDOM CHARACTERS].js%PUBLIC%\libraries\windowsindexingservice.js%TEMP%\update.js%userprofile%\(?!ip_log_data|network_meter_data)[RANDOM CHARACTERS].js
Regexp file mask%allusersprofile%\[RANDOM CHARACTERS].js%appdata%\[RANDOM CHARACTERS].js%appdata%\[RANDOM CHARACTERS].jse%APPDATA%\DSAdaDSDA.js%appdata%\microsoft\windows\start menu\programs\startup\[NUMBERS].js%appdata%\microsoft\windows\start menu\programs\startup\[RANDOM CHARACTERS].js%appdata%\microsoft\windows\start menu\programs\startup\[RANDOM CHARACTERS].jse%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Flash Player 11.js%appdata%\microsoft\windows\start menu\programs\startup\chrome.js%appdata%\microsoft\windows\start menu\programs\startup\extract.js%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\inv.js%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\temp[RANDOM CHARACTERS].js%APPDATA%\microsoft\windowsindexingservice.js%localappdata%\[RANDOM CHARACTERS].js%PUBLIC%\libraries\windowsindexingservice.js%TEMP%\update.js%userprofile%\(?!ip_log_data|network_meter_data)[RANDOM CHARACTERS].js
Additional Information
The following directories were created:
%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\fffdibkepdhebmljdkdjlgibpjpaflhi
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.