Full
Name: |
ASpam |
| Type: |
Trojan |
| Also Known As: |
W32.ASpam.Trojan.B (Symantec) |
| Danger Level: |
5 |
| Category Description: |
Trojans are malicious applications that pose themselves as legitimate software in order to trick users to install them. Once on the victim's machine, it may run any number of malicious process to steal vital information or inflict damage to other software. |
| Comment: |
The installer was attached to a mass-mailing from Microsoft (aspam@microsoft.com), offering an anti-spam feature for Outlook Express.
Creator unknown. |
| |
|
| Properties: |
|
| Manual Removal: |
No uninstall feature, but many anti-virus tools target the ASpam trojan.
Manual removal
Open the registry (Start->Run->regedit) and delete the following keys. For variant Amcis:
HKEY_LOCAL_MACHINE\Software\Classes\AMCIS32.IEClass
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{657B9354-BB3B-4500-A9B0-109B4FA64815}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{657B9354-BB3B-4500-A9B0-109B4FA64815}
For variant Drvman:
HKEY_LOCAL_MACHINE\Software\Classes\DRVMAN32.IEClass
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{499DB658-1909-420B-931A-4A8CAEFD232F}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{499DB658-1909-420B-931A-4A8CAEFD232F}
(Ignore the 'DontDelete' subkey in Browser Helper Objects.) Restart the computer and you should be able to delete the AMCIS32.DLL file in the System folder (to be found inside the Windows folder, 'System' under Windows 95/98/Me, 'System32' under Windows NT/2000/XP).
|
