Trojan-spy.html.fraud.gen

Posted: May 15, 2012

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	9/10
Infected PCs:	90

First Seen:	May 15, 2012
OS(es) Affected:	Windows

Trojan-spy.html.fraud.gen is a heuristic label for malicious HTML pages that use Iframe-based exploits to redirect your browser to sites hosting hostile content. These redirects may exploit scripts such as Flash or Java, and, in some cases, can be defeated by simply keeping your browser and script packages updated to close exploits that are used for redirect attacks. Redirects by Trojan-spy.html.fraud.gen can promote malicious software or attacks against your computer and personal information; the exact type of attack can vary with the URL that Trojan-spy.html.fraud.gen is set to promote. Trojan-spy.html.fraud.gen is particularly common as a form of e-mail content and can be indicative of phishing spam or similar types of e-mail-based hoaxes. However, in some cases, Trojan-spy.html.fraud.gen can also be a false positive and may be detected with innocent e-mail messages. If you're certain that a Trojan-spy.html.fraud.gen alert is inaccurate, SpywareRemove.com malware researchers recommend that you contact the relevant PC security company so that they can update their databases and remove the alert in the next security patch.

Trojan-spy.html.fraud.gen: a Generically-Applicable Danger to Every PC with an E-mail Account

Trojan-spy.html.fraud.gen may be encountered by other methods that involve web browser-based content, but, in most cases, is only seen as part of a mass-mailed e-mail scam. Popular hoaxes include world news articles, 'work at home' employment offers and package delivery notifications. Depending on the formatting of the message and how your browser settings are geared, Trojan-spy.html.fraud.gen may be embedded in the message and be loaded automatically, although anti-malware products should be able to find and block Trojan-spy.html.fraud.gen in such scenarios. SpywareRemove.com malware researchers recommend using strong browser settings (such as disabling scripts by default) as part of your protection from Trojan-spy.html.fraud.gen attacks.

Trojan-spy.html.fraud.gen is always some form of redirect attack that will attempt to make your browser load a malicious website, but the destination website can vary from one variant of Trojan-spy.html.fraud.gen to the next variant. Common attacks that have been linked to Trojan-spy.html.fraud.gen and similar types of redirect-based PC threats (such as Trojan.JS.Redirector) include:

Phishing scams that attempt to use Trojan-spy.html.fraud.gen's redirect to encourage you to give up personal information. Online phishing sites may imitate legitimate websites or include fake offers alongside sign-up forms that request your e-mail address or other types of confidential information.
Attempts to install PC threats onto your computer by fraudulent marketing or by automated scripts. Scripts like Flash and Java can be used to install harmful software invisibly and without permission – unless, of course, you have these features disabled or keep them updated to minimize their vulnerabilities.

Why Keeping on Top of Updates is a Good Second Defense Against Trojan-spy.html.fraud.gen

Because Trojan-spy.html.fraud.gen, like other browser redirect-based PC threats, uses a variety of exploits to trigger its attacks, you should protect against likely exploits by keeping all related software updated. Related software includes your web browser, Adobe-brand software, JavaScript and other script packages, as well as, of course, your anti-malware products. Even with full updates, any PC will still be vulnerable to zero-day exploits that haven't been patched, and SpywareRemove.com malware experts suggest keeping anti-malware programs around for detecting Trojan-spy.html.fraud.gen attacks immediately.

As long as all of your software is updated, you shouldn't experience many false positives for Trojan-spy.html.fraud.gen. Some known types of false Trojan-spy.html.fraud.gen warnings have triggered with Bank of America and Amazon.com e-mail messages, especially in the case of daily bargains and account notifications. Nevertheless, SpywareRemove.com malware researchers recommend that you be cautious about interacting even with e-mail messages from these sources until you've verified the safety of any links that are included, since many spam campaigns have been known to spoof their 'sender' fields and imitate legitimate companies.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

file.exe

File name: file.exe
Size: 4.73 MB (4736934 bytes)
MD5: 5d9fd60eddc40b838a31a9ab4eddbac4
Detection count: 36
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: June 18, 2012