Know Your Malware: Shpiel Removal


Shpiel is a backdoor, which provides the attacker with unauthorized remote access to the compromised computer. Once executed, Shpiel silently installs itself to the system and launches a hidden FTP server, which allows uploading and remote file execution. The intruder can upload arbitrary, potentially malicious files and run them. The backdoor automatically runs on every Windows startup.

Related files: lovcx.exe, lsass1.exe, msnupdate.exe, saveruser.exe, winbackup.exe, winfog.exe, winlog.exe, winsock.exe, winsress.exe, winsys.exe

Shpiel properties:
Allows remote user connection
Connects itself to the internet
Hides from the user
Stays resident in background Remove Shpiel, removal instructions

Linked by shanmuga Friday, 6th January 2006 2:55AM