Know Your Malware: Radium Removal

Radium is a backdoor that gives the attacker unauthorized remote access to a compromised computer. The intruder can manage the file system, terminate running programs, execute system commands, take screenshots, download and upload arbitrary files, open and close the CD-ROM tray, hide the taskbar and desktop icons, and restart or turn off the computer. Radium is able to bypass the Windows firewall. The backdoor runs automatically on every Windows startup.

Related files: helpsvc.exe, ldr.dll, msp.dll, ntr.sys

Radium properties:
Allows remote user connection
Takes and sends out screenshots of user activity
Connects itself to the internet
Hides from the user
Stays resident in background

Linked by shanmuga Friday, 28th October 2005 11:37PM