TR/Rootkit.Gen2

By LoneStar in Rootkits

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 449
First Seen: December 28, 2011
Last Seen: December 31, 2020
OS(es) Affected: Windows

TR/Rootkit.Gen2 is a rootkit that uses a system's Master Boot Record (MBR) as a launching ground. From there, TR/Rootkit.Gen2 may be able to initiate certain malicious actions without any interaction from the administrator or computer user. TR/Rootkit.Gen2 may run undetected for long periods of time. Manual removal is virtually impossible because TR/Rootkit.Gen2 embeds itself deep into the system. The use of a trusted antispyware application may be necessary to completely rid a system of TR/Rootkit.Gen2.

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software Detection
Panda Trj/OCJ.C
AVG Hider.STP
Fortinet W32/Rootkit_Kryptik.RU
McAfee Artemis!DC441FC394D2
AVG Agent3.AWLG
Sophos Mal/ZAccess-C
McAfee-GW-Edition Generic BackDoor!d2o
ClamAV Trojan.Rootkit-3753
Avast Win32:Zeroot [Rtk]
NOD32 Win32/Sirefef.DM
McAfee ZeroAccess.r
AVG Hider.USU
DrWeb BackDoor.Maxplus
Sophos Mal/Generic-S
Avast Win32:Sirefef-AYM [Rtk]

File System Details

TR/Rootkit.Gen2 may create the following file(s):
%Temp%\mswinsck.exe
%Documents and Settings%\All Users\Application Data iosejgfse.dll

Registry Details

TR/Rootkit.Gen2 may create the following registry entry or registry entries:
HKEY_CLASSES_ROOT\secfile