Trojan.Simda.gen!A is a kernel-mode component of the Simda family, a group of cooperative Trojans that steal personal information and bypass your PC’s security. Due to the multifaceted and heavily invasive nature of any Simda infection, the presence of Trojan.Simda.gen!A or any other Simda-related Trojan should be considered a high-level threat to your computer, even though SpywareRemove.com malware researchers warn that Trojan.Simda.gen!A is unlikely to show symptoms besides its browser redirects. Because Trojan.Simda.gen!A and related PC threats use code injection, as well as other techniques, to conceal their attacks, you should rely on anti-malware software for the purposes of detecting and deleting Trojan.Simda.gen!A and other Trojans.
Trojan.Simda.gen!A: Just a Little Browser Bug… with a Shield for Other Threats
Trojan.Simda.gen!A is installed by Trojans that are responsible for downloading and launching most components of a Simda infection, which usually includes backdoor Trojans and, in some cases, spyware. Trojan.Simda.gen!A has two completely separate functions, only one of which has any serious level of visibility, as the SpywareRemove.com malware research team has noted:
- Firstly, Trojan.Simda.gen!A is responsible for redirecting your web browser to malicious websites. Trojan.Simda.gen!A has been found to attack multiple types of browsers in this fashion, such as Internet Explorer and Firefox.
- Trojan.Simda.gen!A also handles the loading of other Simda components and associated code into unrelated system processes. Depending on the case, you may detect this behavior by noting unusual resource usage from csrss.exe, explorer.exe and other processes that are included in Windows by default.
Why What You Can’t See Can Still Hurt You in Trojan.Simda.gen!A’s Case
Like the other components that are themselves installed and loaded by Trojan.Simda.gen!A, Trojan.Simda.gen!A is installed and then injected into a system process by the original Simda installer (which may be identified as Backdoor:Win32/Simda.A).
Because Trojan.Simda.gen!A and other members of the Simda family use kernel-mode access to compromise your computer, you may experience system malfunctions even in Safe Mode. SpywareRemove.com malware experts recommend booting your PC from a removable USB device as a means of preventing Trojan.Simda.gen!A from launching, which gives you a pristine environment from which to scan your computer.
Trojan.Simda.gen!A is known by aliases that include Generic Proxy!bf, BDS/Proxyier.ain and Backdoor.Win32.Proxyier.ain – the recurring theme of ‘proxy’ is an indication of Trojan.Simda.gen!A’s functions as a browser hijacker that intercepts website requests and redirects them towards malicious destinations. SpywareRemove.com malware analysts note that, at this time, Trojan.Simda.gen!A and other Simda Trojans are limited to attacking Windows computers.
Posted: December 7, 2011 | By SpywareRemove
Threat Level: 8/10
Detection Count: 4,602