Know Your Malware: Satiloler.b Removal

Satiloler.b is a trojan designed to steal sensitive user information. Once executed, the parasite silently installs itself on the system, overwrites essential system files with its own copies, disables essential Windows tools and components, and terminates some running antivirus programs, browsers and several system utilities. Satiloler.b runs an integrated keylogger, which records various login names, passwords, e-mail profile details and account information for the e-gold online money service.

It also tracks the user's Internet activity and logs all the data the user enters on banking web sites. The trojan transfers the gathered data to a predetermined web server. Satiloler.b can work as a hidden proxy server. The parasite automatically runs on every Windows startup.

Satiloler.b is usually installed through the WMF exploit.

Related files: lsass.exe, userinit.exe, sfc.dll, sfc_os.dll, xvid.dll, divx.ini, xvid.ini

Satiloler.b properties:
Allows remote user connection
Logs keystrokes
Connects itself to the internet
Hides from the user
Stays resident in background

Linked by shanmuga Wednesday, 4th January 2006 11:32PM