W32.Slackor
Aliases: MultiDropper-DC, Trojan.MulDrop.310, Troj/Mdrop-DD, TrojanDropper:Win32/Yabinder.2_0, TROJ_YABINDER.20,
Variants: Dropper.Agent.2.U, Trojan.Dropper.Yabinder.2.0, Trojan Horse.AP, Win32/TrojanDropper.Yabinder.C,
Classification: Malware
Category: Computer Worm
Status: Active & Spreading
Spreading: Moderate
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 05 Mar 2003
Damage: Low
Characteristics: The W32.Slackor program is a worm that tries to duplicate itself through Windows NT based networks. When trying to look for computers to contaminate, the worm queries other PCs making use of TCP port 445.
W32.Slackor Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Slackor from your computer.
More details about W32.Slackor
The W32.Slackor program is a worm that tries to duplicate itself through Windows NT based networks. When trying to look for computers to contaminate, the worm queries other PCs making use of TCP port 445. The W32.Slackor application is created with the following components: “Cnn3.exe”, “Psexec.exe”, “Abc.bat”, “ips.txt”, “Slacke-worm.exe”, and “Main.exe”. When the “Slacke-worm.exe” opens, it produces a lot of random Internet Protocol addresses. If your computer’s Internet Protocol address utilizes the form “[Addr1].[Addr2].[Addr3].[Addr4]”, then the randomly produced Internet Protocol addresses are in form of “[Addr1].[Addr2].[0-255].[0-255]”.The W32.Slackor worm program has several modes of installations. The downloader Trojan program may come bundled with other malicious program. It may also infect the computer via drive-by downloads. Drive-by download executes when the user visits unreliable websites with malicious contents.