Home / Spyware Encyclopedia / Rootkit.Small << Back

Recommendation to Automatically remove Rootkit.Small


Our products can remove Rootkit.Small and thousands of other Virus and Spyware automatically and instantly.

Rootkit.Small Details


  • Category Rootkit
  • Discovered 4/30/2009 3:47:19 PM
  • Modified 1/2/2024 10:34:44 AM
  • Threat Level High
  • Category Description
    A Rootkit is a collection of tools (programs) that enable administrator-level (root) access to a computer or computer network. A Rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection. They are usually hidden and difficult to clean as they ingranulate deeply within the Registry and system files.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
f57614ec.exe 1646899Macromedia, Inc.8.0.22.0feeae78a973f2368942c89f788346b8f 
f57614ec.exe 1659753Macromedia, Inc.8.0.22.01ed1e43ee331ec7cab3b08a2b107f77f 
c7145a97.exe 586289Macromedia, Inc.5.0.30.0f7281632619a99524bf96d29df97ce88 
c7145a97.exe 599143Macromedia, Inc.5.0.30.0205d1a5a228df2fd5ed2a988e4c3f59d 
91E67ED7.EXE 2976  fb0300c7ef068e7386172eee12e9db3e 
ce59e816.dll 7680  f61a43c2df27f5718fe28aeb409dcc6d 
nvwrsasd.dll 270336  ef0273bf7ac1bf9222cb1de3e8d88760 
e6f67ce3.exe 17408  ccacf856ff62de768d2c1a83d5a03df1 
03BC334E.EXE 2543304  cc0b6749fa2f06887c1dad6501ab6de6 
A5423258.EXE 8576  cb3be4a9ee8ead1df9a6d546237bf138 

The following Registry Entries were created:
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"rundll32.exe %DAS.AU%\protect.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"rundll32.exe %WIN.SYS32%\autochk.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%DAS.AU%\LocalService\protect.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%DAS%\nts and Settings\admin\protect.dll,_IWMPEvents@16"
..\System\CurrentControlSet\Services\sectolr\(Default)
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%WIN.SYS32%\OWS\system32\autochk.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%ROOT%\dll32.exe X:\DOCUME~1\LOCALS~1\protect.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%ROOT%\dll32.exe X:\DOCUME~1\admin\protect.dll,_IWMPEvents@16"

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.