Bleeping Computer

Welcome Guide    Blogs    Chat    Help

Search Search Forums Advanced Search Search with Google

RSS

Welcome Guest (Log In | Create Account) New Member? Join for free.

  Have a problem and would like to ask us for help? To learn how to ask your question Click Here!
  Do you have popups or other malware infecting your computer? If so, Start Here!
  Are you having trouble using this site? Then you should visit the New User Orientation Center!

BleepingComputer.com -> Startup Programs Database -> Rootkit List

A    B    C    D    E    F    G    H    I    J    K    L    M    N    O    P    Q    R    S    T    U    V    W    X    Y    Z    Other    HJT: F0, F1, F2, F3 · O4 · O20 · O21 · O22 · O23 Rootkit List · Submit a Startup · Top Submitters  Startup Index · Newest Entries · Mozilla Search Tools · WebMaster Site Tools · Status Key Startup Database Forum · Computer Help Forums · How to use the Startup Database Enter the filename or keyword you would like to search for: Advanced Search Name Filename Status Description clbdriver clbdriver.sys X Identified as a variant of the Rootkit.Win32.Clbd.cx rootkit. pqasghjd pqasghjd.sys X Added by the Backdoor.Rustock backdoor rootkit. Uninterruptible Power Supply CRT upscr.sys X Identified as a variant of the Trojan.Rootkit.Gen rootkit. narqwe narqwe.sys X Added by the Backdoor.Rustock backdoor rootkit. jwzpqng jwzpqng.sys X Added by the Backdoor.Rustock backdoor rootkit. upsctl upsctl.dll X Identified as a variant of the Trojan.Rootkit.Gen rootkit. bzsqlpa bzsqlpa.sys X Added by the Backdoor.Rustock backdoor rootkit. hcnwg4u hcnwg4u.sys X Added by the Backdoor.Rustock backdoor rootkit. ksnhtr ksnhtr.sys X Added by the Backdoor.Rustock backdoor rootkit. sywtdxaz sywtdxaz.sys X Added by the Backdoor.Rustock backdoor rootkit. gsbgqpwwfw gsbgqpwwfw.sys X Added by the Backdoor.Rustock backdoor rootkit. WLAN route service rotr.sys X Identified as a variant of the Rootkit.Win32.Agent.ahf rootkit. nzqtegh nzqtegh.sys X Added by the Backdoor.Rustock backdoor rootkit. iuzqpaf iuzqpaf.sys X Added by the Backdoor.Rustock backdoor rootkit. yzbgqap yzbgqap.sys X Added by the Backdoor.Rustock backdoor rootkit. wzghui wzghui.sys X Added by the Backdoor.Rustock backdoor rootkit. pjsapdg pjsapdg.sys X Added by the Backdoor.Rustock backdoor rootkit. zwqcplsp zwqcplsp.sys X Added by the Backdoor.Rustock backdoor rootkit. tcpsr tcpsr.sys X Identified as a variant of the Trojan.Rootkit.Agent.Ack malware. bqzpas bqzpas.sys X Added by the Backdoor.Rustock backdoor rootkit. kzq5re kzq5re.sys X Added by the Backdoor.Rustock backdoor rootkit. nexkaqf nexkaqf.sys X Added by the Backdoor.Rustock backdoor rootkit. hqiopa hqiopa.sys X Added by the Backdoor.Rustock backdoor rootkit. uazpiq uazpiq.sys X Added by the Backdoor.Rustock backdoor rootkit. zzz zzz.sys X Added by the Hacktool.Rootkit rootkit. QANDR qandr.sys X Added by a variant of the Rootkit.Win32.Agent.ea rootkit Trojan. Kernel CryptoModule krnllds.sys X Added by a variant of the TR/Rootkit.Gen rootkit Trojan. fkjdfje fkjdfje.sys X Added by the Backdoor.Rustock backdoor rootkit. ydhqzop ydhqzop.sys X Added by the Backdoor.Rustock backdoor rootkit. zsqalpdt zsqalpdt.sys X Added by the Backdoor.Rustock backdoor rootkit. klite klite.sys X A variant of the Haxdoor rootkit. grande48 grande48.sys X Added by the Troj/RKAgen-E rootkit Trojan. DTM Protector dprot.sys X A variant of the Haxdoor rootkit. widuxngq widuxngq.sys X Added by the Backdoor.Rustock backdoor rootkit. hemimorphite vualf.dll X Zlob Trojan that infects you with the VirusHeat rogue anti-spyware program. Please use the guide below to remove this infection. zeqbqwp zeqbqwp.sys X Added by the Backdoor.Rustock backdoor rootkit. zalpqbj zalpqbj.sys X Added by the Backdoor.Rustock backdoor rootkit. serazavr serazavr.log X Added by the Backdoor.Rustock backdoor rootkit. nqaplwj nqaplwj.sys X Added by the Backdoor.Rustock backdoor rootkit. yeTyezzd yeTyezzd.sys X Added by the Backdoor.Rustock backdoor rootkit. uerj45kj uerj45kj.sys X Added by the Backdoor.Rustock backdoor rootkit. qalwpmdgt qalwpmdgt.sys X Added by the Backdoor.Rustock backdoor rootkit. itcoe adapter itcoe.sys X A variant of the Haxdoor rootkit. RDP Host Device Driver rdpdrv.sys X Added by the Backdoor.Sanjicom backdoor Trojan. trahtibedoh trahtibedoh.sys X Added by the Backdoor.Rustock backdoor rootkit. mqzprwe mqzprwe.log X Added by the Backdoor.Rustock backdoor rootkit. cryptdrv cryptdrv.sys X Added by the Backdoor.Rustock backdoor rootkit. zdegpig zdegpig.ini X Added by the Backdoor.Rustock backdoor rootkit. ytzpoqw ytzpoqw.dll X Added by the Backdoor.Rustock backdoor rootkit. Transfer Service uiops.exe X Added by the Trojan.Acdropper.C Trojan. jwlbqzpi jwlbqzpi.dll X Added by the Backdoor.Rustock backdoor rootkit. e67gdfg e67gdfg.ds X Added by the Backdoor.Rustock backdoor rootkit. yeyqase yeyqase.mis X Added by the Backdoor.Rustock backdoor rootkit. tdidrv32.sys tdidrv32.sys X Identified as a variant of the Rootkit.V malware. This file is installed with the latest Zlob infections in order to protect the e404 Helper browser helper object. SystemDrive maxpaynow1.exe X Identified as a variant of the Trojan-Downloader.Win32.Tibs.wu malware. DriveSystem maxpaynowti1.exe X Identified as a variant of the Trojan-Downloader.Win32.Tibs.wu malware. hhlmken hhlmken.scp X Added by the Backdoor.Rustock backdoor rootkit. xseaqwt slipmenu1.scp X Added by the Backdoor.Rustock backdoor rootkit. oqtxde oqtxde.chm X Added by the Backdoor.Rustock backdoor rootkit. ieqazhew ieqazhew.dll X Added by the Backdoor.Rustock backdoor rootkit. XPROTECTOR Driver xprot.sys X A variant of the Haxdoor rootkit. kasutio kasutio X Added by the Backdoor.Rustock backdoor rootkit. pzqlp pzqlp.chm X Added by the Backdoor.Rustock backdoor rootkit. merqpo merqpo.chm X Added by the Backdoor.Rustock backdoor rootkit. zeqwur zeqwur.chm X Added by the Backdoor.Rustock backdoor rootkit. guntest guntest.chm X Added by the Backdoor.Rustock backdoor rootkit. aiqpbter aiqpbter.chm X Added by the Backdoor.Rustock backdoor rootkit. apcdli apcdli.sys X Added by the Mal/RootKit-A rootkit. rwtatpl rwtatpl.lid X Added by the Backdoor.Rustock backdoor rootkit. rqksgpu rqksgpu.cur X Added by the Backdoor.Rustock backdoor rootkit. mkwsqp mkwsqp.cur X Added by the Backdoor.Rustock backdoor rootkit. lagednick lagednick.chm X Added by the Backdoor.Rustock backdoor rootkit. hqaply hqaply.chm X Added by the Backdoor.Rustock backdoor rootkit. cjwriiigqazft cjwriiigqazft.cat X Added by the Backdoor.Rustock backdoor rootkit. accctsggw accctsggw.cat X Added by the Backdoor.Rustock backdoor rootkit. 3klagia 3klagia.dll X Added by the Backdoor.Rustock backdoor rootkit. werasqlp werasqlp.cur X Added by the Backdoor.Rustock backdoor rootkit. riode32 riode32.sys X Identified as a variant of the Rootkit.Win32.Agent.adm rootkit. yqzsypbgh yqzsypbgh.cat X Added by the Backdoor.Rustock backdoor rootkit. uxgrafj uxgrafj.adm X Added by the Backdoor.Rustock backdoor rootkit. rYehhbqzx rYehhbqzx.adm X Added by the Backdoor.Rustock backdoor rootkit. yutsubk yutsubk.cat X Added by the Backdoor.Rustock backdoor rootkit. kavsvc kavsvc.sys X Added by the Hacktool.Rootkit rootkit. nvcoi nvcoi.exe X Identified as a variant of the Trojan.Downloader.Matcash malware. agehhtd agehhtd.cat X Added by the Backdoor.Rustock backdoor rootkit. qwetab qwetab.inf X Added by the Backdoor.Rustock backdoor rootkit. infoxmid wseqnx.inf X Added by the Backdoor.Rustock backdoor rootkit. ITCom virtual adapter itcom.sys X Identified as a variant of the TR/Rootkit.Gen rootkit. FT StarForce Protector fprot.sys X A variant of the Haxdoor rootkit. hipsrv hipsrv.mm X Added by the Backdoor.Rustock backdoor rootkit. userinfo32 userinfo32.ggt X Added by the Backdoor.Rustock backdoor rootkit. alcop server alcop.sys X Added by a variant of the Goldun.Fam rootkit. efidriver efidriver.drv X Added by the Backdoor.Rustock backdoor rootkit. pcximg pcximg.pif X Added by the Backdoor.Rustock backdoor rootkit. tap64drv tap64drv X Added by the Backdoor.Rustock backdoor rootkit. tunnet tunnet.ocx X Added by the Backdoor.Rustock backdoor rootkit. alcom alcom.sys X A variant of the Haxdoor rootkit. syswindrv syswindrv.bin X Added by the Backdoor.Rustock backdoor rootkit. Advanced Power Management powermgmt.sys X Identified as a variant of the Rootkit.Agent.X rootkit. sysrestore32.exe sysrestore32.exe X Identified as a variant of the TR/Rootkit.Ge rootkit. qtprot qtprot.sys X Identified as a variant of the Trojan.Rootkit.GEY rootkit. hdport hdport.sys X Identified as a variant of the Trojan.Rootkit.GEP rootkit. wer32 jkghje.dll X Added by the Backdoor.Rustock backdoor rootkit. 4fdw 4fdw.dll X Added by the Backdoor.Rustock backdoor rootkit. Open Host Controller Miniport USB Driver ohcuusb.sys X Identified as a variant of the Rootkit.Win32.Agent.uj rootkit. Open Host Controller Miniport USB Driver ohctusb.sys X Identified as a variant of the Rootkit.Win32.Agent.uj rootkit. Open Host Controller Miniport USB Driver ohciusb.sys X Identified as a variant of the Rootkit.Win32.Agent.uj rootkit. Open Host Controller Miniport USB Driver ohbusb.sys X Identified as a variant of the Rootkit.Win32.Agent.uj rootkit. Open Host Controller Miniport USB Driver (rev.d) ohdusb.sys X Identified as a variant of the Rootkit.Win32.Agent.uj rootkit. Open Host Controller Miniport USB Driver ohcusb.sys X Identified as a variant of the Rootkit.Win32.Agent.uj rootkit. .lnk msmapibx32.exe X Identified as a variant of the Rootkit.Win32.Agent.uj rootkit. .lnk msmapiax32.exe X Identified as a variant of the Rootkit.Win32.Agent.uj rootkit. jnhjkfrn jnhjkfrn X Added by the Backdoor.Rustock backdoor rootkit. ro0 Service ro0.exe X Added by the Backdoor.HackDefender rootkit. fnhoje fnhoje X Identified as a variant of the Backdoor:Win32/Rustock.gen rootkit. <not used> helps.dll X Added by the Hacktool.Rootkit rootkit. ellowtab ellowtab.txt X Identified as a variant of the Backdoor.Rustock backdoor and rootkit. btstack btstack.ibs X Added by the Mal/RKRustok-A worm and rootkit. qwer78 qwer78.sys X Added by the Backdoor.Rustock backdoor rootkit. FPU emulation service x86emul.sys X A variant of the Haxdoor Trojan rootkit. sysldr sysldr X Identified as a variant of the Backdoor:Win32/Rustock.gen!C rootkit. srtwe srtwe.sys X Identified as a variant of the Backdoor:Win32/Rustock.gen rootkit. khtml khtml.sys X Identified as a variant of the Backdoor:Win32/Rustock.gen rootkit. retx2 retx2.sys X Identified as a variant of the Backdoor:Win32/Rustock.gen rootkit. nested nested.sys X Identified as a variant of the Backdoor:Win32/Rustock.gen rootkit. nax12 nax12.sys X Identified as a variant of the Backdoor:Win32/Rustock.gen rootkit. jecsst jecsst.sys X Identified as a variant of the Backdoor:Win32/Rustock.gen rootkit. fvelwow fvelwow.sys X Identified as a variant of the Backdoor:Win32/Rustock.gen rootkit. USB2_04 nkv2.sys X Identified as a variant of the Rootkit.Win32.Agent.tj rootkit. agony wininit.sys X Added by the NTRootKit-K rootkit. ntndis ntndis.sys X Added by the Troj/RKProc-F rootkit. BASFNDD BASFNDD.sys X Identified by Kaspersky Antivirus as a variant of the Rootkit.Win32.Agent.to malware. kprof kprof X Added by the Trojan-Proxy.Win32.Wopla.ag rootkit. fak32 fak32.sys X A variant of the Backdoor:Win32/Rustock.gen malware. APC Power Management powerio.sys X Identified as a variant of the RKit/Agent.X.5 rootkit. ntio922 ntio922.sys X Identified as a variant of the RKIT/Agent.EZ rootkit. ndisaluo ndisaluo.sys X Identified as a variant of the TR/Rootkit.Gen rootkit. Object memory mapping 8.0 isodvstg.sys X Added by a variant of the Goldun.Fam rootkit. kcp kcp.sys X Added by the ROJ_ROOTKIT.EW rootkit. ntload v0.1 ntload.sys X Identified as a variant of the Trojan.Ntrootkit.AL rootkit. mp3 audio mp32s.sys X A variant of the TR/Rootkit.Gen rootkit. srr srr.sys X Added by the Rootkit.Agent rootkit. dhlp dhlp.sys X Identified as a variant of the Win32.Rootkit.Gen rootkit. Kernel TCP Filtering protocol necsort.sys X A variant of the Troj/Haxdor-Gen rootkit. Nvdia Native Rendering nvnatv.sys X Added by a variant of the Goldun.Fam rootkit. NVidia XTLayer gateway nvnati.sys X Added by a variant of the Goldun.Fam rootkit. ctl_w32 ctl_w32.sys X Identified as a variant of the Rootkit.Win32.Agent.pq rootkit. Object memory mapping 8.0 ati2kstg.sys X A variant of the Haxdoor rootkit. cjamkm cjamkm.sys X Added by a variant of the Troj/NTRootK-CM rootkit. 63cica 63cica.sys X Added by a variant of the Troj/NTRootK-CL rootkit. ke32psag ke32psag.sys X A variant of the Haxdoor rootkit. ZZZdrv_lich lich.sys X A variant of the Trojan.NtRootKit rootkit. IPv6 BT converter xdrve9d.sys X A variant of the Haxdoor rootkit. ini910p ini910p.sys X A variant of the Ascesso Rootkit. Windows Update Check syslodr.exe X Identified as a variant of the W32/Rootkit.ASA.dropper rootkit. g_rkt win32_rkt.sys X Identified as a variant of the Win32.Rootkit.Agent.MO rootkit. noskrnl noskrnl.sys X Added by the Trojan.Peacomm.D rootkit. Trojan.Peacomm.D is a Trojan horse that gathers system information and email addresses from the compromised computer. NdisWon NdisWon.sys X Identified as a variant of the Ascesso rootkit. RGB video output ycsrga.sys X Added by a variant of the Goldun.Fam rootkit. YVPB video output ycsrgb.sys X Added by a variant of the Goldun.Fam rootkit. Object memory mapping 8.0 ati2psag.sys X Added by a variant of the Goldun.Fam rootkit. asc3550o asc3550o.sys X Identified as a variant of the Trojan.Rootkit.Agent rootkit. asc355O asc355O.sys X Identified as the Trojan.Rootkit.Agent.NCY rootkit. Oddysee ntoskrnl.exe:kernel X Added by the W32.Focelto.A rootkit. This rootkit is a Alternate Data Stream file which requires certain tools to remove it. The ntoskrnl.exe it is attached to is a legitimate Microsoft file and should not be removed. <Random CLSID> sygate.exe N Added by the W32.Focelto.A worm. W32.Focelto.A is a worm that spreads through Microsoft instant messaging clients and uses Rootkit techniques. It opens a back door on the compromised computer. This infection is bundled with the ntoskrnl.exe:kernel ADS rootkit. PPA Virtial rendering nvsystl3.sys X Added by a variant of the Goldun.Fam rootkit. Rege memory mapper flashsmt.sys X Added by a variant of the Goldun.Fam rootkit. wsnpoem.sys wsnpoem.sys X Identified as the Backdoor.Win32.Small.lu/Rootkit.V malware. Megadrv3 srosa.sys X Added by the W32.Beagle.GM rootkit. srosa srosa.sys X Added by the TROJ_ROOTKIT.JS rootkit. protect Protect.sys X A variant of the Trojan.NtRootKit.361 rootkit. asc355 asc355.sys X A variant of the TROJ_AGENT.AAND rootkit. NVidia TLayer gateway A2 nvmapi.sys X Added by a variant of the Goldun.Fam rootkit. Memory SCN ovwscn.sys X Added by a variant of the Goldun.Fam rootkit. Memory SCN X1 ovrscn.sys X Added by a variant of the Goldun.Fam rootkit. ro0 Service ro0.exe X Identified as a Spambot variant. MSDV Driver msdvdr.pif X A variant of the HackerDefender rootkit. SysLibrary DefLib.sys X Added by the Troj/NtRootK-CA rootkit. Object memory mapping 8.0 ati2ksag.sys X Added by a variant of the Goldun.Fam rootkit. ytghyuiokjnmvrq wincab.sys X Added by the Mal/RootKit-A rootkit. The service and display name are typically random. spooldr spooldr.sys X Added by the Trojan.Peacomm.C rootkit. yscpsdfh zscpsdfh.sys X Added by the Troj/RKPort-Fam Trojan rootkit. yvaeypeb zvaeypeb.sys X Added by the Troj/Bckdr-QJB rootkit. yxwituxh zxwituxh.sys X Added by the Troj/Dropper-QV rootkit. <not used> WINFBI32.dll X