Home / Spyware Encyclopedia / Rootkit.Ressdt << Back

Recommendation to Automatically remove Rootkit.Ressdt


Our products can remove Rootkit.Ressdt and thousands of other Virus and Spyware automatically and instantly.

Rootkit.Ressdt Details


  • Category Rootkit
  • Discovered 11/12/2009 7:00:20 PM
  • Modified 8/9/2023 3:10:22 PM
  • Threat Level High
  • Category Description
    A Rootkit is a collection of tools (programs) that enable administrator-level (root) access to a computer or computer network. A Rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection. They are usually hidden and difficult to clean as they ingranulate deeply within the Registry and system files.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
81F3653A.EXE 2304  f3fd991ca79df8f60c9a6b1ac19e133d 
E1C54EC3.EXE 2432  efd0b7479e3c9a2753ece7dbc92d0220 
4FC2A950.EXE 2560  ea5baaae3c5256f39afd61fb57343a7e 
4763ebca.exe 110080  df827ae35755f2df06e9337dc5e300f8 
BA627FA6.EXE 4224  d3bed9e23d4f7245ae6014183cf735c6 
0ac1bcc1.exe 2176  bc562f44f02b3023e885258f7c9c4bb0 
6CB1A5D9.EXE 2432  a072dbb6c12f945a4cf11a33a9f233e7 
52426C4E.EXE 2560  9eb308f506b182b7a2177848bd7ba91b 
4C94EB27.EXE 2816  9be1782a76e57fd64e2af30ce4ce4350 
BC3C85EB.EXE 4224  9b8182b4795f94c03b75ae1f67ba86fc 

The following Registry Entries were created:
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsnetsvr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\naPrdMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSetMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccEvtMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WOPTILITIES.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VsTskMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPTRAY.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPC32.EXE\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.