Home / Spyware Encyclopedia / Rootkit.Small << Back

Recommendation to Automatically remove Rootkit.Small


Our products can remove Rootkit.Small and thousands of other Virus and Spyware automatically and instantly.

Rootkit.Small Details


  • Category Rootkit
  • Discovered 4/30/2009 3:47:19 PM
  • Modified 1/2/2024 10:34:44 AM
  • Threat Level High
  • Category Description
    A Rootkit is a collection of tools (programs) that enable administrator-level (root) access to a computer or computer network. A Rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection. They are usually hidden and difficult to clean as they ingranulate deeply within the Registry and system files.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
wdgy.exe 45180svchost1.0065dac76523277c97fe4356271b13c5ca 
wdgy.exe 45180svchost1.0.0.0d2f64871ecb2165924a87854e8c6643e 
84bd1567.exe 4352  f113b2e18a3db35db99ef3bac8776a8e 
8CE2026A.EXE 5024  f1124a2249f53c419a482dfcff169181 
nvwrsasd.dll 270336  ef0273bf7ac1bf9222cb1de3e8d88760 
E1A6D024.EXE 2976  e1a731c515fb6e739f2a474fcdb56802 
autochk.dll 22016  d7e117a7bdefc8c08241c83c67932c6b 
ChkDisk.dll 22016  d7e117a7bdefc8c08241c83c67932c6b 
e55e1466.dll 22016  d7e117a7bdefc8c08241c83c67932c6b 
protect.dll 22016  d7e117a7bdefc8c08241c83c67932c6b 

The following Registry Entries were created:
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"rundll32.exe %DAS.AU%\protect.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"rundll32.exe %WIN.SYS32%\autochk.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%DAS.AU%\LocalService\protect.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%DAS%\nts and Settings\admin\protect.dll,_IWMPEvents@16"
..\System\CurrentControlSet\Services\sectolr\(Default)
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%WIN.SYS32%\OWS\system32\autochk.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%ROOT%\dll32.exe X:\DOCUME~1\LOCALS~1\protect.dll,_IWMPEvents@16"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"autochk"\"%ROOT%\dll32.exe X:\DOCUME~1\admin\protect.dll,_IWMPEvents@16"

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.