ASpam Description:
ASpam is remote access trojan implemented as
an IE Browser Helper Object. It is not really
Unsolicited Commercial Software as it has no
known commercial aim, but it is included in the
detection script at this site as it is a threat
detectable from web pages. ASpam/Amcis : installs
the BHO under the filename AMCIS32.DLL, with
object name Amcis32. ASpam/Drvman : the file and
object name is DRVMAN32 instead and the classid
is different. The installer ASPAM.EXE was
attached to a mass-mailing purported to come from
Microsoft (aspam@microsoft.com), offering an
anti-spam feature for Outlook Express. The actual
author is not currently known.
ASpam Automatic Removal:
Using BPS
Spyware & Adware Remover to remove
ASpam AUTOMATICALLY!
Sponsored Links:
ASpam Manual Removal:
Open the registry (Start->Run->regedit)
and delete the following keys.
For variant Amcis:
HKEY_LOCAL_MACHINE\Software\Classes\AMCIS32.IEClass
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{657B9354-BB3B-4500-A9B0-109B4FA64815}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper
Objects\{657B9354-BB3B-4500-A9B0-109B4FA64815}
For variant Drvman:
HKEY_LOCAL_MACHINE\Software\Classes\DRVMAN32.IEClass
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{499DB658-1909-420B-931A-4A8CAEFD232F}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper
Objects\{499DB658-1909-420B-931A-4A8CAEFD232F}
(Ignore the 'DontDelete' subkey in Browser
Helper Objects.) Restart the computer and you
should be able to delete the AMCIS32.DLL file in
the System folder (to be found inside the Windows
folder, 'System' under Windows 95/98/Me,
'System32' under Windows NT/2000/XP).
More
Removal Instructions for Adware/Spyware Programs - 'A'
| 
