General discussion

Locked

Radmin infestation

By BHunsinger ·
Last month we noticed a spike in CPU usage by Task manager on one of our W2K advanced servers.
Discovered some strange files in the root of the boot volume, i.e., lolipop.bat, ...SBSD identified Haxdoor-H present and supposedly removed related files..
We keep getting an item in the system tray called radmin. The associated website does not help at all, and we cant remove it, it just keeps coming back.
It seems to be a piec of freeware that got used to creat a hack. This was not installed locally.
Running Symantic corporate edition 7.6, fully updated.

This conversation is currently closed to new comments.

14 total posts (Page 2 of 2)   Prev   01 | 02
Thread display: Collapse - | Expand +

All Comments

Collapse -

by BHunsinger In reply to

This has already been done

Collapse -

by beantolol In reply to Radmin infestation

try disabling it from the services.

in the administrative tools, go to services, find "Remote Administration Tools". Stop that service, and disable it.

Collapse -

by BHunsinger In reply to

Thanks to everyone, but hte simple things were all done before posting the question. It looks like a wipe and reinstall is the only answer.

Collapse -

by BHunsinger In reply to Radmin infestation

This question was closed by the author

Back to Networks Forum
14 total posts (Page 2 of 2)   Prev   01 | 02

Related Discussions

Related Forums