SysChat


DanielGray 06-06-2009 01:47 AM

W32.Aspam.Trojan.B: Description, Effects, and Removal.
 
W32.Aspam.Trojan.B is spyware and a BHO (Browser Helper Object) that can infect Windows 98, XP, and Vista. It disguises its files as anti-spyware software from Microsoft.

W32.Aspam.Trojan.B Penetrating Methods

The infection was spread via email messages that use the URL Microsoft.com. When the user accidentally executes the message, W32.Aspam.Trojan.B begins its malicious operation.

W32.Aspam.Trojan.B copies its files to the hard drive using the file name W32.Aspam.Trojan.B and the process name drvman.32.dll. It drops the main process inside the System32 folder and attempts to alter various registry keys so that it takes effect at each subsequent Windows startup.

How to Avoid W32.Aspam.Trojan.B Infection

It is recommended to always keep the firewall turned on to block connections to internet services that are capable of exploiting a vulnerable system. Update the necessary security software and install the updates immediately. Experts advise users to acquire a good security program.

W32.Aspam.Trojan.B Infection Symptoms

W32.Aspam.Trojan.B may try to halt various running processes and to delete legitimate services such as firewalls and antivirus programs. The main executable file, hotpmsta.exe, downloads and installs unauthorized files from a remote server onto the infected system. This Trojan may also download data from specific web sites. The downloaded files are saved in the Windows Temp folder under various names, then launched and executed without the user's knowledge.

W32.Aspam.Trojan.B Effects

When active, it may exploit the system's security tools, allowing an attacker to gain remote access to the system. The exploit is a script that targets a particular programming flaw in order to spread malicious files, which endangers the operating system. It also tries to disable certain applications and processes within the Task Manager.

W32.Aspam.Trojan.B may display, monitor, and save all file activity on the operating system. It may show which processes and applications have been loaded and opened. This monitoring records every action performed and saves the information for further study. The information is used for record verification and to offer additional services. W32.Aspam.Trojan.B is crafted to execute code from various servers without informing the user. Infected systems are susceptible to DNS attacks, including attacks on active servers.

Easy W32.Aspam.Trojan.B Removal

According to various recommendations, use True Sword or Avast! to fully remove W32.Aspam.Trojan.B. Such software may also protect the system from other threats lurking on the Internet. Delete all the processes detected by the security software.

How to manually remove W32.Aspam.Trojan.B

To manually remove W32.Aspam.Trojan.B, delete the following registry entries and files from the system using the Registry Editor. From the Start Menu, open Run, type regedit, and press Enter. Locate the following and delete them:
• HKEY_CLASSES_ROOT\clsid\{499db658-1909-420b-931a-4a8caefd232f}
• HKEY_LOCAL_MACHINE\software\classes\clsid\{499db658-1909-420b-931a-4a8caefd232f}
• HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{499db658-1909-420b-931a-4a8caefd232f}
• drvman32.dll
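
Before deleting anything, it helps to confirm which of the listed entries actually exist on the machine. The following PowerShell check is an added example, not part of the original post; it only reads the registry and file system, and it assumes the file sits directly in the System32 folder as described above.

```powershell
# Read-only check for the indicators listed above; it deletes nothing.
$clsid = '{499db658-1909-420b-931a-4a8caefd232f}'   # CLSID from the list above
$dll   = 'drvman32.dll'                              # file name from the list above

# Registry:: provider paths work without mapping an HKCR: drive.
# "Browser Helper Objects" is the key name as it appears in the Windows registry.
$keys = @(
    "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid",
    "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\$clsid",
    "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\$clsid"
)

$findings = foreach ($key in $keys) {
    $present = Test-Path -LiteralPath $key
    $server  = $null
    $inproc  = "$key\InprocServer32"
    if ($present -and (Test-Path -LiteralPath $inproc)) {
        # The default value of InprocServer32 names the DLL the CLSID loads.
        # Confirm it points at the file above before removing the key.
        $server = (Get-Item -LiteralPath $inproc).GetValue('')
    }
    [pscustomobject]@{ Type = 'RegistryKey'; Path = $key; Present = $present; Detail = $server }
}

# Assumption: the DLL is in %SystemRoot%\System32, as the post describes.
$file = Join-Path (Join-Path $env:SystemRoot 'System32') $dll
$filePresent = Test-Path -LiteralPath $file
$fileDetail  = $null
if ($filePresent) {
    $item = Get-Item -LiteralPath $file -Force   # -Force also returns hidden files
    $hash = (Get-FileHash -LiteralPath $file -Algorithm SHA256).Hash
    $fileDetail = "size=$($item.Length) modified=$($item.LastWriteTime) sha256=$hash"
}
$findings = @($findings) + [pscustomobject]@{
    Type = 'File'; Path = $file; Present = $filePresent; Detail = $fileDetail
}

$findings | Format-List
$hits = @($findings | Where-Object { $_.Present }).Count
Write-Output "$hits of $($findings.Count) indicators present"
```

Run it from an elevated PowerShell prompt so the HKEY_LOCAL_MACHINE keys and System32 are readable. Export any key that is found (File > Export in the Registry Editor) before deleting it.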

