Protection from monitoring by RADMIN

Radmin is not a spyware. It is a tool for remote PC administration. It allows remotely seeing what is happening on PC screen.
There are some people who are not satisfied with such monitoring, because it not allows to work in confidence.
We decided to create this instruction which can help you to protect against monitoring and allows removing Radmin modules.

How to determine the monitoring and block access for spies to your computer without removing Radmin modules.

After launching COVERT Pro you need to view the list of programs that have access to the network from your computer in the “Network Monitor“. Active monitoring of Radmin will be immediately visible. If it is in standby mode, you should click on the “App” in the top pane of Network Monitor, or select “Connections” from the context menu. There will be displayed all active processes and waiting for the connection processes.

Radmin process rserver3.exe

The application rserver3.exe belongs to Radmin. It should be added to the database of threats, and it will be blocked upon entering the secure platform of COVERT Pro. Now you can perform any actions in the secure platform, without the fear that someone spying on you from remote computer. If you check again the list of applications in the Network Monitor, you won’t see any process that transferring data from your computer. But as soon as you exit the secure platform, blocking hidden connections of Radmin will be disabled, and remote access to your computer will be restored. An outside observer might think that your computer has been turned off.

If you select first mode of internal protection in the secure platform, you can see which application launches itself independently, without user’s knowledge. In this mode of protection, they are highlighted in yellow or red, if they are already were included in the “Database threats“. In the screenshot below, process Famitrfc.exe of Radmin is highlighted in red.
In the second mode of the internal protection, all processes that are trying to launch by themselves, will be blocked. At the same time COVERT Pro will beep, signaling about blocking of such attempts.

Radmin process Famitrfc.exe

How do I stop or remove service Radmin?

In the “System Services” you can open context menu and stop the service Rserver3.exe. Monitoring will be stopped until next system restart. If you want to enable this service, use the context menu under “All services“. As well through the context menu you can delete Rserver3.exe.

Radmin service Rserver3.exe

For a complete removal Radmin’s components from the system you should remove two more drivers. Open the “Driver monitor” and remove drivers with names rminiv3.sys and raddrvv3.sys using context menu. After this operation, restart your computer and check your system again for the presence of remote monitoring components.

Radmin drivers

Download COVERT Pro and check FREE of charge your computer for spyware and rootkits, which were not detected by an antivirus.