RAT.Remoter

Discussion in 'Trojan Defence Suite' started by Terravita, Dec 29, 2003.

Thread Status:
Not open for further replies.
  1. Terravita

    Terravita Registered Member

    Joined:
    Mar 11, 2003
    Posts:
    9
    I keep getting this message in TDS-3.

    Scan Control Dumped @ 13:25:10 28-12-03
    RegVal Trace: RAT.Remoter: HKEY_LOCAL_MACHINE
    File: SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Taskman=C:\Program Files\Task Man 1.5\TASKMAN.EXE]

    I have uninstalled Taskman, cleaned the registry and reinstalled Taskman. Why do I keep getting this message?
     
  2. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Hi,

    What is Task Man ?

    This is a registry TRACE value, which was left over by a machine infected with "Remoter". If you have a legitimate application that uses that startup name, please send an email to gavin@diamondcs.com.au with the URL to the legitimate program. I'll remove the trace detection, you can ignore it for now :)
     
  3. Terravita

    Terravita Registered Member

    Joined:
    Mar 11, 2003
    Posts:
    9
    I downloaded Taskman 1.5 from the DiamondCS Freeware page:

    TaskMan+
    TaskMan+ is a free tiny utility that launches Windows Task Manager in a special way as to boost the security privileges of Task Manager, which in turn gives it a real unconditional license to terminate ANY process. Requires Administrator privileges

    I downloaded a fresh copy and installed it. I still get the message in my original post.
     
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hello Terravita
    Which operating system are you using?
    Did you get the message immediately after the first install of Taskman+ or did it start after a while suddenly?
     
  5. Terravita

    Terravita Registered Member

    Joined:
    Mar 11, 2003
    Posts:
    9
    Jooske

    I am running XP Pro with all updates. I have been using TaskMan for several months. This error started suddenly, the same day or the day before posting my message.

    Along with TDS-3, I am using WormGuard, RegProt, ProcessGuard, Port Explorer, Ad-aware, Ad-watch, Spybot, PC-cillin 2003, ZoneAlarmPro, and BOCLEAN. Except for PC-cillian, I am running the current release on all software.
     
Thread Status:
Not open for further replies.