Home / Spyware Encyclopedia / Rootkit.Agent << Back

Recommendation to Automatically remove Rootkit.Agent


Our products can remove Rootkit.Agent and thousands of other Virus and Spyware automatically and instantly.

Rootkit.Agent Details


  • Category Rootkit
  • Discovered 10/27/2009 10:12:32 AM
  • Modified 10/11/2024 3:28:28 PM
  • Threat Level Critical
  • Category Description
    A Rootkit is a collection of tools (programs) that enable administrator-level (root) access to a computer or computer network. A Rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection. They are usually hidden and difficult to clean as they ingranulate deeply within the Registry and system files.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
yiqilailyrics.dll 139264yiqilailyrics.com1.2.6.08cc088fb56713829bcc9f8fe5c3e205e 
foo_ui_yqllyrics.dll 144896yiqilai.com1.2.6.0fdf55322567dae0f559326e5a1205fe4 
gen_yqllyrics.dll 53248yiqilai.com1.2.6.0788c9492ca141f9cccbd8971b0f7a171 
vis_yqllyrics.dll 74752yiqilai.com1.2.6.04b9db4f97c6bcc6be838004cdb577d94 
yql_lyrics_common.dll 451584yiqilai.com1.2.6.01908031943862821a306656b2e137ba3 
91f1d45f.exe 81920YE1.00efeb72e549ec4b2572d112ff13331161 
24DFBFDB.EXE 25216WINDOWS SYSTEM INTERNAL5.622.60.2306d32874d7a0fcdf033f6cb75ca064195 
6e1b6c42.exe 12160Windows (R) 2000 DDK provider5.1.2600.0 built bye58d0a95496f326fa42dc048162fc538 
9223ffc4.exe 12160Windows (R) 2000 DDK provider5.1.2600.0 built bye1c6a2d711fbb7fbabc773c67923d901 
1e46a5e2.exe 12032Windows (R) 2000 DDK provider5.1.2600.0 built bye00e35503eb95540e8e027175210f125 

The following Registry Entries were created:
..\Software\Microsoft\Windows\CurrentVersion\bits\"id"\"17396050039564240964491460435265"
..\System\CurrentControlSet\Enum\root\legacy_krrbohgfnmii\(Default)
..\Software\Microsoft\Windows\CurrentVersion\bits\"id"\"41801952381325183402187085712802"
..\System\CurrentControlSet\Enum\root\legacy_jewjyvj\(Default)
..\Software\Microsoft\Windows\CurrentVersion\bits\"ii"\"1"
..\Software\Microsoft\Windows\CurrentVersion\bits\"id"\"72733297517782414941694852879135"
..\Software\Microsoft\Windows\CurrentVersion\bits\"host"\"93.174.95.145"
..\System\CurrentControlSet\Enum\root\legacy_onhctn\(Default)
..\System\CurrentControlSet\Enum\root\legacy_jwraxlccxdjj\(Default)
..\Software\Microsoft\Windows\CurrentVersion\Run\\"system"\"interneters.exe"

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.