1. /
  2. Security Response/
  3. Trojan.Slanret

Trojan.Slanret

Risk Level 1: Very Low

Discovered:
January 29, 2003
Updated:
February 13, 2007 11:48:43 AM
Type:
Trojan Horse
Systems Affected:
Windows 2000, Windows NT, Windows XP


Trojan.Slanret is a Trojan horse that allows a hacker to gain full access to your computer.

If a program was set up to use this Trojan, the Trojan makes the program completely stealth when the program runs. The Trojan hides the file, process, and registry keys of the program. So, it is not possible to see the program using Windows Explorer or any other normal, user-level application.

Any registry keys that the program created will not be visible using applications such as the Windows Registry Editor.

Backdoor.Krei is one backdoor Trojan known to use Trojan.Slanret to hide its malicious activities.




If the Trojan was successfully installed on the computer, an unauthorized user may have remotely accessed your system. For this reason, it is impossible to guarantee the integrity of an infected system. The remote user could have made changes to the system, including but not limited to the following:
  • Stealing or changing passwords or password files.
  • Installing remote connectivity host software, also known as backdoors.
  • Installing keystroke logging software.
  • Configuring firewall rules.
  • Stealing credit card numbers, banking information, personal data, and so on.
  • Deleting or modifying files.
  • Sending inappropriate or even incriminating material from a customer's email account.
  • Modifying access rights on user accounts or files.
  • Deleting information from log files to hide such activities.

To be certain that your organization is secure and to ensure that your systems are safe, re-install the operating system, restore the files from a backup made before the infection occurred, and change all the passwords that may have been on the infected computers, or that were accessible from it. For more information regarding security in your organization, contact your system administrator.

Antivirus Protection Dates

  • Initial Rapid Release version January 30, 2003
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version January 30, 2003
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date February 5, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: Low
Writeup By: Neal Hindocha

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver