<div>
It is definitely a crypto-miner.<br />
<br />
Installation vector seems to be a hole in RDP protocol.<br />
<br />
We will switch to VPN asap.<br />
<br />
Thank you.
</div>


It is definitely a crypto-miner.

Installation vector seems to be a hole in RDP protocol.

We will switch to VPN asap.

Thank you.

<div>
<div class="content wysiwyg-content">
We had our 2003 freeze windows, with movable mouse. One hard restart later and all is fine, but we have <br />
<br />
<b>smss.exe</b> in <b>C:\WINDOWS\Fonts\ialbmcnde<wbr />d\</b><br />
<br />
Using about 50% of the CPU time available.<br />
<br />
I checked with BitDefender and the file is clean, and it does seem as legitimate win process.<br />
<br />
Is this a restart verification of some kind, or a very smart virus?
</div>
</div>


We had our 2003 freeze windows, with movable mouse. One hard restart later and all is fine, but we have 

smss.exe in C:\WINDOWS\Fonts\ialbmcnded\

Using about 50% of the CPU time available.

I checked with BitDefender and the file is clean, and it does seem as legitimate win process.

Is this a restart verification of some kind, or a very smart virus?

smss.exe in C:\WINDOWS\Fonts\ialbmcnded\ at 50% CPU

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).