Droppers are used by malware creators to disguise their malware. They confuse users by making the malware look like a legitimate application or a well-known, trusted file. The main purpose of a dropper is to deliver the enclosed payload to the destination computer.
Effects:
- It will create a number of files and running processes on the system and use memory and processor time to execute its malicious code.
- It is a polymorphic virus that appears as a different application each time, posing as legitimate and well-known files such as Word files, games, and downloads that are supposed to help optimize the computer.
- They may also perform actions that mislead the user into thinking that nothing untoward is happening on the computer when in fact the Trojan may have already dropped and executed other malicious software.
- It is not easily detected by the security software.
- It will replicate itself and install copies with hidden attributes in the system32 folder and in the user_profile\local settings\temporary internet files\content.ie5 folder.
- It will modify the following registry data:
%path1% = hkey_users\s-1-5-21-1202660629-602609370-839522115-500\software\microsoft\windows\currentversion\explorer\mountpoints2
%path1%\a\ : baseclass =drive
%path1%\c\ : baseclass =drive
%path1%\d\ : baseclass =drive
%path1%\e\ : baseclass =drive
To remove it, we may need to use Trojan Remover, HouseCall, or any good anti-virus program.
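The file and registry locations listed above can be reviewed on a suspect host with a short PowerShell script; this is an added example, not part of the original post. The function names and the extension list are assumptions, and the cmdlets are limited to ones available in PowerShell 2.0 so the script also runs on older systems that use the folder layout named in the post.

```powershell
# Added example: review the locations named in the post (run from an elevated session).
$exts = '.exe', '.dll', '.scr', '.com', '.pif'   # assumption: extensions worth reviewing

function Get-HiddenExecutable {
    param([string]$Path, [switch]$Recurse)
    if (-not (Test-Path -LiteralPath $Path -ErrorAction SilentlyContinue)) { return }
    # -Force makes Get-ChildItem return hidden and system items
    Get-ChildItem -LiteralPath $Path -Force -Recurse:$Recurse -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer -and
                       ($_.Attributes -band [IO.FileAttributes]::Hidden) -and
                       ($exts -contains $_.Extension.ToLower()) } |
        Select-Object FullName, Length, CreationTime, LastWriteTime
}

function Get-MountPoints2BaseClass {
    # HKEY_USERS has one subkey per loaded user hive (named by SID)
    $rel = 'Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2'
    foreach ($sid in [Microsoft.Win32.Registry]::Users.GetSubKeyNames()) {
        $key = [Microsoft.Win32.Registry]::Users.OpenSubKey("$sid\$rel")
        if (-not $key) { continue }          # this hive has no MountPoints2 key
        foreach ($name in $key.GetSubKeyNames()) {
            $sub  = $key.OpenSubKey($name)
            $base = $sub.GetValue('BaseClass')
            if ($null -ne $base) {
                New-Object PSObject -Property @{ Sid = $sid; MountPoint = $name; BaseClass = $base } |
                    Select-Object Sid, MountPoint, BaseClass
            }
            $sub.Close()
        }
        $key.Close()
    }
}

# Hidden executables directly inside system32
Get-HiddenExecutable -Path (Join-Path $env:SystemRoot 'System32') | Format-Table -AutoSize

# Hidden executables in each profile's Content.IE5 cache (path layout as given in the post)
$profilesRoot = Split-Path -Parent $env:USERPROFILE
Get-ChildItem -LiteralPath $profilesRoot -Force | Where-Object { $_.PSIsContainer } |
    ForEach-Object {
        $cache = Join-Path $_.FullName 'Local Settings\Temporary Internet Files\Content.IE5'
        Get-HiddenExecutable -Path $cache -Recurse
    } | Format-Table -AutoSize

# MountPoints2 entries that carry a BaseClass value, per loaded user hive
Get-MountPoints2BaseClass | Sort-Object Sid, MountPoint | Format-Table -AutoSize
```

Explorer also maintains MountPoints2 entries for mounted drives during normal use, so compare the registry output against a known-good machine before drawing conclusions.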
