« Worm.SillyShareCopy.U
Trust Cop »

RemoteAccess.GhostRadmin

No Comments
Sumo3000 By Sumo3000 in Remote Administration Tools | 0 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

RemoteAccess.GhostRadmin Description

RemoteAccess.GhostRadmin is a dangerous remote administration tool. Upon installation of RemoteAccess.GhostRadmin, it can open up the infected system to a remote attacker where information can be compromised. After installed, RemoteAccess.GhostRadmin can add malicious executable files and registry entries to the system without notification to the computer user.

Type: Remote Administration Tools

How Can You Detect RemoteAccess.GhostRadmin?

 
 

Download SpyHunter’s Detection Scanner
to Detect RemoteAccess.GhostRadmin.

 
 

RemoteAccess.GhostRadmin Technical Report

As new RemoteAccess.GhostRadmin details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following RemoteAccess.GhostRadmin files with its MD5s were created in the system:

File Name File Size MD5
r_server.exe 724992 7b47116ed09cb460558365142b2d4a8c
r_server.exe 241664 7bad1dfbfd371c2cf2a973db19e77ad8
svchost.exe 237568 9fc3663874e1e8bb8da85f2c3ca5340f

RemoteAccess.GhostRadmin has typically the following processes in memory:

  • r_server.exe
  • FireDaemon.EXE

RemoteAccess.GhostRadmin creates the following registry entries:

  • HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemote Administrator Service
  • HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSystemSRA

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 10/6/09 and is filed under Remote Administration Tools. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs

Follow Us on Twitter

Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.