Troj/Spywad-C

Category: Viruses and Spyware
Type: Trojan
Prevalence: Small Number of Reports


Troj/Spywad-C is a Trojan for the Windows platform.

Troj/Spywad-C displays an HTML file that claims the system is infested with spyware, in an attempt to lure the user into visiting certain websites. The Trojan also installs itself in such a way as to consume considerable system resources.

The HTML files dropped by the Trojan contain the following text:

DANGER: SPYWARE
Full system scan results:
3 Spyware infections
27 Spyware tracks
95 Adult-oriented websites tracks
3 Programs with probable keylogging activity
Windows recommends you the following software products to keep your PC safe

The Trojan may also open websites that claim to sell anti-spyware products.

Troj/Spywad-C copies itself to the Windows folder and the Windows system folder many times under random three-letter filenames with EXE extensions. These copies may overwrite existing system files that have three-letter names. The Trojan sets each copy to be run on startup by creating registry entries of the following form:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
<random three letter key name>
<path to Trojan>
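
The persistence pattern above lends itself to a simple triage check. The following is an added example, not part of the original Sophos description: it flags Run values whose name is three letters and whose target is a three-letter EXE directly in the Windows or Windows system folder. The function names, the default folder paths and the sample entries are assumptions constructed for illustration.

```python
import re
from ntpath import basename, dirname, normpath

# Assumed default locations of the Windows and Windows system folders.
SUSPECT_DIRS = {r"c:\windows", r"c:\windows\system32",
                r"c:\winnt", r"c:\winnt\system32"}
THREE_LETTERS = re.compile(r"^[a-z]{3}$", re.I)
THREE_LETTER_EXE = re.compile(r"^[a-z]{3}\.exe$", re.I)

def executable_path(data):
    """Extract the executable path from a Run value, dropping quotes and arguments."""
    data = re.sub(r"%(windir|systemroot)%", lambda m: r"C:\Windows",
                  data.strip(), flags=re.I)
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.exe)\b", data, re.I)
    return m.group(1) if m else data

def suspicious_run_entries(entries):
    """Return (value name, path) pairs that match the pattern described above."""
    hits = []
    for name, data in entries:
        path = normpath(executable_path(data))
        if (THREE_LETTERS.match(name)
                and THREE_LETTER_EXE.match(basename(path))
                and dirname(path).lower() in SUSPECT_DIRS):
            hits.append((name, path))
    return hits

# Constructed sample of HKLM\Software\Microsoft\Windows\CurrentVersion\Run
# values; none of these come from a real infection.
SAMPLE_RUN = [
    ("SecurityHealth", r"%windir%\system32\SecurityHealthSystray.exe"),
    ("qzx", r"C:\WINDOWS\qzx.exe"),
    ("bkm", r'"C:\WINDOWS\system32\jvd.exe" /s'),
    ("abc", r"C:\Program Files\Vendor\abc.exe"),
    ("Updater", r"C:\WINDOWS\upd.exe"),
]

if __name__ == "__main__":
    for name, path in suspicious_run_entries(SAMPLE_RUN):
        print(f"review: Run value {name!r} -> {path}")
```

A single hit can be a legitimate program with a three-letter name, so treat matches as candidates for review; many such entries at once fits the "copies itself many times" behaviour described above.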

The Trojan drops three HTML files in the Windows folder: two named DESKTOP.HTML and POPUP.HTML, and one with a random three-letter filename and an HTML extension. The Trojan attempts to set DESKTOP.HTML as the Windows wallpaper, making registry changes in the following locations:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\General

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\SafeMode\General

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

HKCU\Control Panel\Desktop

HKLM\SOFTWARE\Microsoft\Internet Explorer\Desktop\General

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User shell folders

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User shell folders
