Results 1 to 7 of 7

Thread: Slave.exe trojan

  1. #1
    Junior Member
    Join Date
    Apr 2003
    Posts
    13

    Slave.exe trojan

    i just checked up the processes running on my system and found that Slave.exe was up and active..
    when i did a search on google it appears to be some kind of a trojan..

    any advices how to disable that from the client side.. I am on a network and have win xp installed in the system.
    --i couldnt delete the registry key/ doesnt allow me to do that--

  2. #2
    Senior Member
    Join Date
    Feb 2003
    Posts
    109
    It sounds like you have the Backdoor.RA trojan. First of all, you will need to stop the slave.exe process. You can just go in the task manager, right click on the slave.exe item and select "End Process" or "End Task". Then you should be able to delete the registry key assuming you have admin privs on the machine. Then scan your machine with viruses either with a good app like Norton or an online scanner. If you need more help, just PM me.
    $person!=$kiddie or die(\"Alas, die you hotmail hacker!!\");
    SecureVision

  3. #3
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    http://www.bitdefender.com/index.php

    has some stuff... most any antivirus will be able to handle that as well... is not kaspersky antivirus free? http://www.kaspersky.com/
    yeah, I\'m gonna need that by friday...

  4. #4
    Junior Member
    Join Date
    Apr 2003
    Posts
    13
    i dont have the adim previliges :-(
    is there anyway i can do that without the previliges

  5. #5
    Senior Member
    Join Date
    Feb 2003
    Posts
    109
    If you don't have admin privs, ask someone who does to take care of it. If you are at your job, ask your IS guys to take care of it. Thats their job, not yours. In fact, they might get pissed if you crashed your machine trying to repair a trojan. If that's gonna take too long, just kill slave.exe every time you reboot until they can fix it.
    $person!=$kiddie or die(\"Alas, die you hotmail hacker!!\");
    SecureVision

  6. #6
    Senior Member
    Join Date
    May 2003
    Posts
    472
    well slave.exe is Remote Anywhere...software's server for controlling ur PC remotely....if u r on school/college/workplace network...it may be quite possible that ur administrator has installed it...check out with ur admin...else if it is ur personal PC...and it is without ut knowledge...who installed it..get rid it as soon as possible...

    it is located in your windows or /windows/system directory....it is a hidden file...the icon is that of red ring........kill it from processes and then delete the file...or edit ur registry to do so.....check out in tutorials section u will find a tute related to autostart locations in windows registry...

    Ch33rs
    guru@linux:~> who I grep -i blonde I talk; cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep;

  7. #7
    Junior Member
    Join Date
    Apr 2003
    Posts
    13
    thanks for your advices--
    i just got hold of a sys admin and deleted the files and the registry values..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •