
NetSlayer

Posted: March 28, 2006

NetSlayer is a PC threat categorized as a Remote Administration Tool (RAT). Web attackers can use NetSlayer for numerous unwanted and potentially malicious activities. NetSlayer usually exploits security vulnerabilities and opens a backdoor on the affected computer for its creator so that he can manipulate and control the PC. An attacker infects a PC with NetSlayer via a spam email carrying a malicious attachment or via File and Print Sharing, after which NetSlayer enables the remote attacker to connect to the corrupted PC. The main aim of NetSlayer is hooliganism: it can steal important information, delete files, damage the PC and destroy the computer system. NetSlayer enables the attacker to avoid anti-virus software and connect to the PC completely unnoticed. NetSlayer can also spy on the PC user's browsing activities by logging keystrokes. NetSlayer was written in the Visual Basic programming language.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 client.exe
    2 nspatch.exe
    3 server.exe
    4 unpacked server.exe

Registry Modifications

  • The following Registry values were created:
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\nspatch
  • The following CLSIDs were detected:
    {18d91ad0-d0be-11d1-a6b4-00aa002075da}

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: [system root]\system\nspatch.exe
File type: Executable File
Mime Type: unknown/exe

Registry Modifications

The following Registry values were created:

CLSID Path:
HKEY_CLASSES_ROOT\clsid\{18d91ad0-d0be-11d1-a6b4-00aa002075da}
HKEY_CLASSES_ROOT\clsid\{18d91aca-d0be-11d1-a6b4-00aa002075da}
HKEY_CLASSES_ROOT\typelib\{18d91ad0-d0be-11d1-a6b4-00aa002075da}
HKEY_CLASSES_ROOT\clsid\{18d91acf-d0be-11d1-a6b4-00aa002075da}
HKEY_LOCAL_MACHINE\software\classes\clsid\{18d91acf-d0be-11d1-a6b4-00aa002075da}
HKEY_LOCAL_MACHINE\software\classes\typelib\{18d91ad0-d0be-11d1-a6b4-00aa002075da}

Subkeys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\nspatch