Troj/NtRootK-CY

Category	Viruses and Spyware
Type	Rootkit
What to do	If you've received an alert for a virus or spyware, then follow the instructions for removing the threat.
Prevalence	low high

Summary

Summary
More Information


Affected operating systems	Windows
Included in our products from	April 2008 (4.28)
Protection available since	21 February 2008 04:26:07 (GMT)
Detected by	All Sophos products

More Information

Summary
More Information

Troj/NtRootK-CY is a rootkit Trojan for the Windows platform.

When run Troj/NtRootK-CY creates the following files:

<System>\config\<random values>.evt - also detected as Troj/NtRootK-CY
<System>\dllcache\cdaudio.sys - not malicious
<System>\dllcache\beep.sys - not malicious

Troj/NtRootK-CY creates a service with the name "asc3550p". Registry entries are created under:

HKLM\SYSTEM\CurrentControlSet\Services\asc3550p\

Get reports about the latest virus and spyware threats delivered to your computer

In this section

Troj/NtRootK-CY

Summary

More Information