cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
it1024
Level 10
Report Inappropriate Content
Message 1 of 3

RemAdm-Rackspace! should I be worried?

Hi,

As the below picture says, ENS has detected "RemAdm-Rackspace" which seems to be Remote Admin Tool and has also created several Registry values. The ENS on the affected system is somehow corrupt since when clicking on Scan System button it completes instantly with no scanning. Also the machine encounters unexpected reboot (windows event ID:41). So far 5 machines are re-acting the same way.

Full scan is going on every machine in the network.

My first question is that whether we should be worried about the rest of the network! Because although ENS has detected the issue but the machine has been damaged.

And secondly, how can I view the quarantined items list from ePO?

Thank you in advance.

anydesk00138.jpg

McAfee Endpoint Security 

2 Replies
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: RemAdm-Rackspace! should I be worried?

Hi @it1024,

Thank you for your post. In case of an active attack such as these, we strongly recommend that you contact support team via a Service Request to analyse the damage to ENS and confirm if it is the work of a malware.

It is best to review the Self protection policy in place and come up with an access protection rule to block this file from further execution as we see that it has impacted 5 machines already. Please create a support ticket with us for further investigation as soon as possible.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
Daveb3d
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 3

Re: RemAdm-Rackspace! should I be worried?

Remote admin tool of some type. 

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community