Home / Spyware Encyclopedia / Rootkit.Ressdt << Back

Recommendation to Automatically remove Rootkit.Ressdt


Our products can remove Rootkit.Ressdt and thousands of other Virus and Spyware automatically and instantly.

Rootkit.Ressdt Details


  • Category Rootkit
  • Discovered 11/12/2009 7:00:20 PM
  • Modified 8/9/2023 3:10:22 PM
  • Threat Level High
  • Category Description
    A Rootkit is a collection of tools (programs) that enable administrator-level (root) access to a computer or computer network. A Rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection. They are usually hidden and difficult to clean as they ingranulate deeply within the Registry and system files.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
baiduc.dll 159744Hello Loons.Fad2.0.0.01375d320536a20a2b1b8402d384c416e 
IETimber.dll 193912????????1.0.0.136c56c0f69df06f8184d3ef0b96b907c 
8648d99e.exe 425984  fac131dc3b6bb981cff164bc174f918c 
3DBB7E74.EXE 3630  bdc893d66436718509e9f6f30e9d3c5e 
0ac1bcc1.exe 2176  bc562f44f02b3023e885258f7c9c4bb0 
E14E25B7.EXE 2304  8db552d9030451b18492bee27c289cb3 
97E9BFE7.EXE 2560  74e7d345569baef97398d9bddf9d69da 
0B100C81.EXE 4224  6ad7a3e41683836959a75f8f0a926b29 
bebba69d.exe 2176  5f65ae8ccae965c0536ca1b8d5d85670 
6FE95610.EXE 7680  542498c97013c66a8bfaac909acc48fa 

The following Registry Entries were created:
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsnetsvr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\naPrdMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSetMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccEvtMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WOPTILITIES.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VsTskMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPTRAY.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPC32.EXE\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.