Q

Do I have a Remote Administration Trojan (RAT) on my system?

I have something called AdvancedRemoteInfo listed as a program file on my Exchange server. I'm afraid it is a RAT (Remote Administration Trojan) and I think I should delete it in Add/Remove programs. What do you think?
I suspect that you are correct. There is no such file having anything to do with the base Windows Server 2003 or Exchange Server 2003 installation. While I could not confirm the existence of "AdvancedRemoteInfo" as a Trojan executable, there are a number of variants for RATs. Because I can not confirm it, before removing it, you might want to make sure that it is not part of any third-party software you have installed on your system.

If it is a Trojan, using Add/Remove programs might not be enough. If you do not already have an antispyware solution for you enterprise servers, you should look into obtaining one. Most spyware solutions will allow you to perform a free scan of your system assuming it has Internet access. This will detect if this is in fact a Trojan.

However, in order to remove it, you will need to purchase the full version of the software or trust yourself to be able to remove it. Even if you successfully remove it manually, it might just re-install itself again. Antispyware software will hopefully be able to find all locations where the malware is hidden in your system and remove it.


Do you have comments on this Ask the Expert Q&A? Let us know.
This was first published in July 2005

Dig deeper on Spam and virus protection

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchWindowsServer

SearchEnterpriseDesktop

SearchCloudComputing

SearchSQLServer

Close