Xanadu Trojan

By faheemhkhan ·
Hi, Guys and Gals

I need some help, our windows 2003 box has been compromised by the Xanadu trojan, anyone know how to remove this trojan program or etc... How can I disable ports with no firewall on that server. Yes I aware of the stupidity of not having a firewall I am taking over for an existing sys admin who wasn't educated.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

See if this is of any help

by Jacky Howe In reply to Xanadu Trojan

Click Start, Run and type in regedt32 and remove the SETUP key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
RunServices is added by the Virus.
Delete the trojan file SETUP.exe in the windows directory. If you can't delete it download and run this
It will be removed on a restart of the PC.

Let us know how you get on.

< PC will have to be Restarted after modifying the Registry >

Related Discussions

Related Forums