Last day my pc was infected with a trojan and i realise my very high sent trafic going from my pc ,, i doubt that thing coz that thing always happen when i open the pc and there's no download or upload or any networking process thought i opened task manager to see if there any suspiouse files i found some files one of them was this file [aspimgr.exe]
when i terminated it's process the trafic is ok again so shortly here's my search result
Severity scale: (36 / 100)
Asprox is a trojan that runs a hidden proxy on the compromised computer. Computers from all over the world can connect to the infected system. The parasite runs as a service on every Windows startup.
Related files: aspimgr.exe, _check32.bat, ws386.ini
Asprox properties:
• Allows remote user connection
• Hides from the user
• Stays resident in background
Asprox manual removal:
Kill processes:
aspimgr.exe
Delete registry values:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\aspimgr
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\sft
Delete files:
aspimgr.exe, _check32.bat, ws386.ini
Misc:
Asprox uses TCP ports 80 and 82.
Exact file location:
ws386.ini - C:\WINDOWS or C:\WINNT
aspimgr.exe - C:\WINDOWS\System32 or C:\WINNT\System32
_check32.bat - C:\Documents and Settings\[Current User]\Local Settings\Temp
Remove Asprox> Description and removal instructions
Remove Asprox. Description and removal instructions
العرض العادي
