Home / Spyware Encyclopedia / Rootkit.Small << Back

Recommendation to Automatically remove Rootkit.Small


Our products can remove Rootkit.Small and thousands of other Virus and Spyware automatically and instantly.

Rootkit.Small Details


  • Category Rootkit
  • Discovered 4/30/2009 3:47:19 PM
  • Modified 1/2/2024 10:34:44 AM
  • Threat Level High
  • Category Description
    A Rootkit is a collection of tools (programs) that enable administrator-level (root) access to a computer or computer network. A Rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection. They are usually hidden and difficult to clean as they ingranulate deeply within the Registry and system files.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
f57614ec.exe 1646899Macromedia, Inc.8.0.22.0feeae78a973f2368942c89f788346b8f 
f57614ec.exe 1659753Macromedia, Inc.8.0.22.01ed1e43ee331ec7cab3b08a2b107f77f 
a81b59fc.exe 1935747HonorGames1.0.0.021a73e2d484507c13f8b2bb7bb12d89b 
nvwrsasd.dll 270336  ef0273bf7ac1bf9222cb1de3e8d88760 
E94A3078.DLL 17408  64b1833d8ef12e63c5c93b1aef2fe2c4 
CE7DB7C0.EXE 2560  6342dacbbce8dcac5b8daf484c8067ef 
CE2D1E65.EXE 2976  45cff720c67a74bccda43245eff4c462 
353156C9.DLL 6656  41b920b04f2841ea89ff1d8f9240fa82 
D7A15A0D.EXE 2304  3e65f160b26dc521ba32b4e51db959e2 
E9AB92BE.DLL 21504  43fa7082d2e9458cb4d71e076b2c6b66 

The following Registry Entries were created:
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"rundll32.exe %DAS.AU%\protect.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"rundll32.exe %WIN.SYS32%\autochk.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%DAS.AU%\LocalService\protect.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%DAS%\nts and Settings\admin\protect.dll,_IWMPEvents@16"
..\System\CurrentControlSet\Services\sectolr\(Default)
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%WIN.SYS32%\OWS\system32\autochk.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%ROOT%\dll32.exe X:\DOCUME~1\LOCALS~1\protect.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%ROOT%\dll32.exe X:\DOCUME~1\admin\protect.dll,_IWMPEvents@16"

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.