February 5th, 2003, 07:09 AM
Virus Alert: Troj/Slanret Seeks Hidden System Privileges
taken from the full story found...
Even though Symantic labled it as low, I figured it would still be of some intrest to some of you out there.
Troj/Slanret-A, also known as Backdoor.Ierk and Backdoor-ALI.sys, is a Trojan that may be used as a driver component with the filename ierk8243.sys by another application to gain unauthorized shared stealth access to the target computer, according to anti-virus vendor Sophos.
Upon execution the malicious application would install Troj/Slanret-A as a device with the device name Mp437bba8e and may set the following registry entry:
Troj/Slanret-A acts as a device and provides an interface that allows an application to run hidden with full system privileges.