Sunday, November 16, 2008

Slagent Trojan

Removing Slagent
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Slagent is also known as:

[Kaspersky] TrojanDownloader.Win32.Wintrim.az, TrojanDownloader.Win32.Agent.ad, TrojanDownloader.Win32.Wintrim.ba, Trojan-Downloader.Win32.Wintrim.ci, Trojan-Downloader.Win32.Wintrim.az;
[Eset] Win32/TrojanDownloader.Agent.AD trojan, Win32/TrojanDownloader.Wintrim.BA trojan, Win32/TrojanDownloader.Wintrim.AC trojan;
[Panda] Dialer.LS, Dialer.B

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\msklive.dll

How to detect Slagent:

Files:
[%SYSTEM%]\msklive.dll

Folders:
[%WINDOWS%]\mslagent

Registry Keys:

Registry Values:
HKEY_CLASSES_ROOT\interface\{4c7f0895-6fd8-46ee-880e-053df58ddae3}\typelib
HKEY_CLASSES_ROOT\interface\{510c3373-4842-4944-8729-0aff6725a132}\typelib
HKEY_CURRENT_USER\software\mc
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\mslagent

Removing Slagent:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
