SLICKSHOES Removal Guide

Threat Level:
Rate this Article:
Comments (0)
Article Views: 569
Category: Trojans

SLICKSHOES is a malware dropper. It is classified as a Trojan, which means it can enter systems without any permission or victims noticing anything. Once it infects a system, the malicious application ought to drop more malware on it. At the moment of writing, the threat was noticed to be spreading a RAT (Remote Access Trojan) infection called Themida. If you want to know what could happen if this threat appears on a system or which computers might be targeted by the cybercriminals responsible for this Trojan, we invite you to read the rest of this report. It is vital to stress that the instructions located at the end of the text show only how it might be possible to erase SLICKSHOES. In other words, they might not work, which is why we highly recommend erasing this dangerous Trojan with a reliable antimalware tool.

As mentioned earlier, SLICKSHOES is a Trojan, which means it can enter a system without a user realizing it. There are a lot of ways how such a threat could be distributed. For instance, its creators could send targeted victims infected email attachments, links, or other data. Hackers could use forged email addresses to send messages with infected files so that they would not raise suspicion. Therefore, specialists recommend inspecting emails carrying links, attachments, or any other data thoughtfully before opening anything. If it is a link, you should see its full URL address to see where it leads. If it is a file, you should scan it with a reliable antimalware tool.

Moreover, threats like SLICKSHOES can be distributed through malicious installers, fake updates, and other files from malicious file-sharing websites, pop-ups, and ads. To avoid coming across such files, we advise downloading new programs only from legitimate websites. When it comes to updates, it is safer to let your system download them automatically for you. Also, users should know that Trojans can enter their systems by exploiting vulnerabilities such as unsecured Remote Desktop Protocol (RDP) connections, weak passwords, outdated programs, etc. Thus, it is vital to remove such vulnerabilities if you want to protect your device from threats that could misuse them.

Cybersecurity experts believe that SLICKSHOES is one of the versions of a Trojan that was developed and used by the North Korean government. Thus, this new version could be also used by the same government. The targeted victims could be companies or people in possession of information that the attackers might be interested in. As you see, the RAT infection called Themida that SLICKSHOES was noticed to be installing after entering a system has functionality that allows spy on victims. To be more precise, Themida can upload or download files, execute various commands, and take screen captures. Therefore, it could steal various documents, capture a screen when a victim is working with sensitive information, and so on.

Needless to say, that deleting such Trojans is a difficult task. As said before, the instructions located below show how one could erase SLICKSHOES, but there are no guarantees that it will work. To make sure that the Trojan and the other threats like Themida that it could drop get eliminated, we advise using a reliable antimalware tool that could deal with such malware. Also, once the malicious application is gone it is advisable to ensure that attackers could not misuse the information that the Trojan could have captured, for example, victims could change passwords that might have been exposed.

Restart your system in Safe Mode with Networking

Windows 8/Windows 10

  1. Press Win+I for Windows 8 or open Start for Windows 10.
  2. Click Power.
  3. Press and hold Shift and click Restart.
  4. Choose Troubleshoot and pick Advanced Options.
  5. Wait for Startup Settings to appear and click Restart.
  6. Press F5 to finish.

Windows XP/Windows Vista/Windows 7

  1. Go to Start, pick Shutdown options and click Restart.
  2. Press and hold F8 when the computer starts restarting.
  3. Select Safe Mode with Networking from Advanced Boot Options.
  4. Click Enter to finish.


  1. Press Win+E.
  2. Navigate to these directories:
  3. Find the Trojan’s installer (suspicious recently downloaded or created file), right-click it, and select Delete.
  4. Go to: %WINDIR%\Web
  5. Find a file called taskenc.exe, right-click it, and select Delete.
  6. Exit File Explorer.
  7. Empty Recycle Bin.
  8. Restart your computer.
Download Remover for SLICKSHOES *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter.


Your email address will not be published.


Enter the numbers in the box to the right *