Home / Spyware Encyclopedia / Rootkit.Ressdt << Back

Recommendation to Automatically remove Rootkit.Ressdt


Our products can remove Rootkit.Ressdt and thousands of other Virus and Spyware automatically and instantly.

Rootkit.Ressdt Details


  • Category Rootkit
  • Discovered 11/12/2009 7:00:20 PM
  • Modified 8/9/2023 3:10:22 PM
  • Threat Level High
  • Category Description
    A Rootkit is a collection of tools (programs) that enable administrator-level (root) access to a computer or computer network. A Rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection. They are usually hidden and difficult to clean as they ingranulate deeply within the Registry and system files.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
baiduc.dll 151552Syons.Fae2.0.0.07392d782b8106dc26ab7fb6d63e1d92a 
baiduc.dll 163840Syons.Fae2.0.0.023b25817c5dd167a0b3441088bd9309f 
baiduc.dll 159744Hello Loons.Fad2.0.0.01375d320536a20a2b1b8402d384c416e 
075CF704.EXE 2432  fd1c22f619a37d4b69a0b3cd69dd6827 
8648d99e.exe 425984  fac131dc3b6bb981cff164bc174f918c 
0943ba23.exe 3200  de48a1dd8ee9894d0b0ad2ae907407fb 
3DBB7E74.EXE 3630  bdc893d66436718509e9f6f30e9d3c5e 
9CECF071.EXE 2560  a3def9421d5f0d4cbf5d300b04082b6d 
4C94EB27.EXE 2816  9be1782a76e57fd64e2af30ce4ce4350 
BA440CD0.EXE 2201  96286dce09cb3b29c37ae9b61ce75714 

The following Registry Entries were created:
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsnetsvr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\naPrdMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSetMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccEvtMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WOPTILITIES.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VsTskMgr.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPTRAY.EXE\(Default)
..\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPC32.EXE\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.