Know Your Malware: Rahack.b Removal

Rahack.b is a worm that scans the network for computers running Radmin remote administration tool and attempts to spread to them using a list of known weak passwords. The parasite may give the attacker full unauthorized access to a compromised computer. Rahack.b automatically runs on every Windows startup and every time an executable file is run.

Related files: syshid.exe, server.dll, system.vbs

Rahack.b properties:
Allows remote user connection
Connects itself to the internet
Hides from the user
Stays resident in background Remove Rahack.b, removal instructions

Linked by shanmuga Friday, 16th December 2005 4:20AM