Threat Database Rootkits SVC:MBAMSwissArmy Rootkit

SVC:MBAMSwissArmy Rootkit

By GoldSparrow in Rootkits

SVC:MBAMSwissArmy is a rootkit that modifies a genuine file named mbamswissarmy.sys and, thus, makes the main application to deteriorate. SVC:MBAMSwissArmy Rootkit loads automatically whenever the corrupted application is run. SVC:MBAMSwissArmy Rootkit disguises itself on the affected machine by attaching its own code to original Windows system files. SVC:MBAMSwissArmy Rootkit may be hard to find and uninstall from the compromised PC. SVC:MBAMSwissArmy Rootkit usually makes use of the network exploits to invade the targeted computer system.

File System Details

SVC:MBAMSwissArmy Rootkit may create the following file(s):
# File Name Detections
1. C:\Windows\system32\drivers\mbamswissarmy.sys

Trending

Most Viewed

Loading...