Remove Trojan.Spadenf

Posted on: June 23rd, 2009


Discovered: June 22, 2009

Updated: June 23, 2009 7:25:07 AM

Type: Trojan

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP

Recommended Action:
In order to remove Trojan.Spadenf you need to download the ‘No Adware’ remover software. Based on our testing this was the best performing remover of Trojan.Spadenf.

Technical Details:
When executed, the Trojan copies itself as the following file:

%System%\servises.exe

It then creates the following registry entries so that it runs every time Windows starts:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"servises" = "%System%\servises.exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\"servises" = "%System%\servises.exe"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"servises" = "%System%\servises.exe"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\"servises" = "%System%\servises.exe"

It also creates the following registry entry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\services\"del" = "%SystemDrive%\[ORIGINAL THREAT FILE NAME].exe"

It then attempts to download a file from the following URL:

[http://]91.207.4.122/spm/get_i[REMOVED]

Note: At the time of writing the above URL is inaccessible.

The downloaded file is saved as the following file:

%System%\_id.dat

The Trojan then attempts to download configuration information from the following URL:

[http://]91.207.4.122/spm/page[REMOVED]

Note: At the time of writing the above URL is inaccessible.

The following email characteristics may be preconfigured by the remote attacker:

  • Address of sender
  • Name of sender
  • Address of recipient
  • Name of recipient
  • Message body

The Trojan then attempts to send spam emails from the compromised computer.

The Trojan may also perform the following actions:

  • Download and execute files
  • Send HTTP requests to preconfigured URLs
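
The file and registry indicators listed above can be checked on a host with a short read-only PowerShell sweep. This is an added example, not part of the original write-up; the WOW6432Node and SysWOW64 locations and the sweep of every loaded user hive are assumptions that go beyond the keys listed here.

```powershell
# Added example: read-only triage for the indicators listed in this write-up.
# Assumptions (not from the write-up): the WOW6432Node / SysWOW64 locations and
# checking every loaded user hive rather than only the current user's HKCU.
$runSubKeys = @(
    'Microsoft\Windows\CurrentVersion\Run',
    'Microsoft\Windows\CurrentVersion\Policies\Explorer\Run'
)

# Machine-wide Software roots: native view plus the 32-bit view on x64.
$roots = @('Registry::HKEY_LOCAL_MACHINE\SOFTWARE',
           'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node')

# HKCU only reflects the account running the script, so add each loaded profile.
$roots += @(Get-ChildItem 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
    ForEach-Object { "Registry::HKEY_USERS\$($_.PSChildName)\Software" })

# Autorun value "servises" under every Run key, plus the "del" value.
$checks = @(foreach ($root in $roots) {
    foreach ($sub in $runSubKeys) {
        [pscustomobject]@{ Key = "$root\$sub"; Name = 'servises' }
    }
})
$checks += [pscustomobject]@{
    Key  = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\services'
    Name = 'del'
}

$regFindings = @(foreach ($c in $checks) {
    $p = Get-ItemProperty -Path $c.Key -Name $c.Name -ErrorAction SilentlyContinue
    if ($p) {
        [pscustomobject]@{ Type = 'Registry'; Location = "$($c.Key)\$($c.Name)"; Detail = $p.($c.Name) }
    }
})

# Dropped copy and downloaded data file; -Force also returns hidden files.
$sysDirs = @([Environment]::SystemDirectory, (Join-Path $env:windir 'SysWOW64')) | Select-Object -Unique
$fileFindings = @(foreach ($dir in $sysDirs) {
    foreach ($name in 'servises.exe', '_id.dat') {
        $f = Get-Item -LiteralPath (Join-Path $dir $name) -Force -ErrorAction SilentlyContinue
        if ($f) {
            [pscustomobject]@{ Type = 'File'; Location = $f.FullName; Detail = "modified $($f.LastWriteTimeUtc.ToString('u'))" }
        }
    }
})

$regFindings + $fileFindings | Format-Table -AutoSize -Wrap
```

An empty result means none of the listed indicators were found in the locations checked; run it from an elevated 64-bit session so other users' hives and the native registry view are readable.
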