TR/ATRAPS.Gen2 is a generic detection that identifies several Trojans or other malware sharing the same characteristics. This detection method was created to classify threats that originate from the same group or family. As of the last update (July 12, 2012), this Trojan is involved in spreading a hack tool that generates revenue for the attacker. The detection method is expected to improve as the Trojan develops.
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista/7
TR/ATRAPS.Gen2 is a heuristic detection. As such, payloads may vary from one infection to another. There are no typical visible symptoms for this Trojan. However, most antivirus software will display an alert when it encounters the illicit actions perpetrated by this threat.
Members of this family of Trojans are built with diverse sets of payloads. Thus, each variant has its own effect on the PC. Some of the common actions it may initiate on the infected computer are as follows:
- TR/ATRAPS.Gen2 targets computers that visit explicit and other compromised web sites.
- The Trojan can steal sensitive information from the infected computer.
- It can also deactivate various Windows functions such as Registry Editor, Task Manager, and Folder Options.
- The Trojan may help propagate rogue security applications and other malicious software.
- It may connect to a distant computer to download additional malware.
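The Registry Editor, Task Manager and Folder Options lockout listed above can be checked from PowerShell. This is an added example, not part of the original write-up: the page does not say how the Trojan disables these functions, so the use of the standard Windows policy values `DisableRegistryTools`, `DisableTaskMgr` and `NoFolderOptions` is an assumption, and the function name `Get-DisabledShellFeature` is hypothetical.

```powershell
# Added example: report policy values that disable Registry Editor,
# Task Manager or Folder Options for the current user or the machine.
# Assumption: the lockout is done through the standard Windows policy
# values below; the original page does not name the mechanism.
function Get-DisabledShellFeature {
    param(
        # Registry drives to inspect (per-user and machine-wide policy).
        [string[]]$Hives = @('HKCU:', 'HKLM:')
    )

    $policyRoot = 'Software\Microsoft\Windows\CurrentVersion\Policies'
    $checks = @(
        @{ Feature = 'Registry Editor'; SubKey = "$policyRoot\System";   Name = 'DisableRegistryTools' },
        @{ Feature = 'Task Manager';    SubKey = "$policyRoot\System";   Name = 'DisableTaskMgr' },
        @{ Feature = 'Folder Options';  SubKey = "$policyRoot\Explorer"; Name = 'NoFolderOptions' }
    )

    foreach ($hive in $Hives) {
        foreach ($check in $checks) {
            $path = "$hive\$($check.SubKey)"
            # A missing key or value means the feature is not restricted here.
            $item = Get-ItemProperty -Path $path -Name $check.Name -ErrorAction SilentlyContinue
            if ($null -eq $item) { continue }

            $data = $item.($check.Name)
            # Any non-zero value turns the restriction on.
            if ([int]$data -ne 0) {
                [pscustomobject]@{
                    Feature = $check.Feature
                    Path    = $path
                    Value   = $check.Name
                    Data    = $data
                }
            }
        }
    }
}

$findings = @(Get-DisabledShellFeature)
if ($findings.Count -eq 0) {
    Write-Output 'No Registry Editor, Task Manager or Folder Options restrictions found.'
} else {
    # On a managed machine an administrator may have set these on purpose;
    # on a home PC they are a reason to run a full antivirus scan.
    $findings | Format-Table -AutoSize
}
```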
This kind of Trojan spreads mainly through infected web sites. On most occasions, TR/ATRAPS.Gen2 poses as a coder/decoder (codec) offered on explicit web sites. Using a highly developed method, it often conceals itself from antivirus applications. It tends to end processes that belong to antivirus and firewall applications. Moreover, TR/ATRAPS.Gen2 will drop several harmful files under the Windows folder. However, the Trojan was not designed to spread locally via network transmission.
An updated antivirus program can block and delete TR/ATRAPS.Gen2 before it can infect a computer. The image below is proof that an antivirus program with real-time protection can prevent the Trojan from infecting a system.