VirTool:WinNT/Rootkitdrv.HS

By Domesticus in Malware

Threat Scorecard

Ranking:	16,284
Threat Level:	80 % (High)
Infected Computers:	1,716

First Seen:	December 21, 2010
Last Seen:	September 14, 2023
OS(es) Affected:	Windows

VirTool:WinNT/Rootkitdrv.HS is dangerous malware with rootkit functionality. VirTool:WinNT/Rootkitdrv.HS may enter a system bundled with other malware or internet downloads. VirTool:WinNT/Rootkitdrv.HS uses stealth tactics to operate without being detected. When inside a system, it will make changes to the Windows registry and drop malicious files onto the system. VirTool:WinNT/Rootkitdrv.HS may also slow down the operations of a system and cause it to crash. VirTool:WinNT/Rootkitdrv.HS is a security risk that should be extinguished from a compromised machine immediately after it is detected.

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Fortinet	W32/Tiny.A!tr.rkit
eSafe	Win32.Tiny.A.Rkit
McAfee	Artemis!68857466541B
Fortinet	W32/Agent.GGYM!tr
AhnLab-V3	Malware/Win32.Inno
AntiVir	DR/StartPage.agyh.5
DrWeb	Trojan.Siggen2.12629
McAfee	Artemis!BE8EA443C780
Panda	Generic Rootkit
Fortinet	W32/ZAccess.C!tr.rkit
AhnLab-V3	Backdoor/Win32.ZAccess
McAfee-GW-Edition	Heuristic.BehavesLike.Win32.Suspicious.A
Comodo	TrojWare.Win32.Rootkit.ZAccess.A
Kaspersky	Rootkit.Win32.ZAccess.c
eSafe	Win32.TRRootkit

SpyHunter Detects & Remove VirTool:WinNT/Rootkitdrv.HS

File System Details

VirTool:WinNT/Rootkitdrv.HS may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	nc.exe	ab41b1e2db77cebd9e2779110ee3915d	743
Name: nc.exe MD5: ab41b1e2db77cebd9e2779110ee3915d Size: 61.44 KB (61440 bytes) Detections: 743 Type: Executable File Path: %SYSTEMDRIVE%\Downloads 2\Cryptload_1.1.8\cl1.1.8\router\FRITZ!Box\nc.exe Group: Malware file Last Updated: August 31, 2023
2.	SecuROM.dll	0f176c410f05cd8f7c1268674a21d262	131
Name: SecuROM.dll MD5: 0f176c410f05cd8f7c1268674a21d262 Size: 144.89 KB (144896 bytes) Detections: 131 Type: Dynamic link library Path: E:\Leikir\Medal Of Honor Limited Edition 2010 crack by ozgurd\SecuROM.dll Group: Malware file Last Updated: September 14, 2023
3.	SoftwareProtection.exe	8ac110d9eea01b33a7cbf614f7f3d2c8	16
Name: SoftwareProtection.exe MD5: 8ac110d9eea01b33a7cbf614f7f3d2c8 Size: 314.45 KB (314456 bytes) Detections: 16 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: December 22, 2010
4.	gloom.sys	68857466541bb1b800d48caf3a79ae83	9
Name: gloom.sys MD5: 68857466541bb1b800d48caf3a79ae83 Size: 5.63 KB (5632 bytes) Detections: 9 Type: System file Path: %WINDIR%\system32 Group: Malware file Last Updated: November 30, 2018
5.	L2.exe	40d767b25a2433cb34371740ecee2ad7	9
Name: L2.exe MD5: 40d767b25a2433cb34371740ecee2ad7 Size: 257.53 KB (257536 bytes) Detections: 9 Type: Executable File Path: C:\Эрболот\Users\<username>\Downloads\L2.exe Group: Malware file Last Updated: November 15, 2021
6.	ag02.sys	241b9318dfe7f887da2bb6a1304db829	8
Name: ag02.sys MD5: 241b9318dfe7f887da2bb6a1304db829 Size: 14.59 KB (14592 bytes) Detections: 8 Type: System file Path: %WINDIR%\System32\drivers Group: Malware file Last Updated: December 23, 2010
7.	update.sys	b4f334ee63329e31f5f5a106f1274468	4
Name: update.sys MD5: b4f334ee63329e31f5f5a106f1274468 Size: 384.76 KB (384768 bytes) Detections: 4 Type: System file Path: %WINDIR%\System32\DRIVERS Group: Malware file Last Updated: April 26, 2011
8.	`.vbe	1ee104ec7956ec629513fab340cdc876	3
Name: `.vbe MD5: 1ee104ec7956ec629513fab340cdc876 Size: 6.35 KB (6351 bytes) Detections: 3 Group: Malware file Last Updated: December 23, 2010
9.	VVisit.exe	9ac1a518343130e14b0994efcba9f737	3
Name: VVisit.exe MD5: 9ac1a518343130e14b0994efcba9f737 Size: 1.4 MB (1404928 bytes) Detections: 3 Type: Executable File Path: C:\RECYCLER Group: Malware file Last Updated: December 22, 2010
10.	msngserv.exe	00c2be29de6d10ca331890e971621a93	2
Name: msngserv.exe MD5: 00c2be29de6d10ca331890e971621a93 Size: 47.1 KB (47104 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\Windows Live\Messenger Group: Malware file Last Updated: December 23, 2010
11.	netbios.sys	cc760b29d88869a51d9b7fc3c08e1a3c	2
Name: netbios.sys MD5: cc760b29d88869a51d9b7fc3c08e1a3c Size: 34.68 KB (34688 bytes) Detections: 2 Type: System file Path: %WINDIR%\System32\DRIVERS Group: Malware file Last Updated: December 28, 2010
12.	redbook.sys	9ed828b092be4a6df3fa6140c3c1496c	2
Name: redbook.sys MD5: 9ed828b092be4a6df3fa6140c3c1496c Size: 57.6 KB (57600 bytes) Detections: 2 Type: System file Path: %WINDIR%\System32\DRIVERS Group: Malware file Last Updated: March 6, 2011
13.	RegCtrlwow.exe	303f047429d5344c78759eb38ea8a345	2
Name: RegCtrlwow.exe MD5: 303f047429d5344c78759eb38ea8a345 Size: 499.2 KB (499200 bytes) Detections: 2 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: December 23, 2010
14.	mscms32.dll	6d1c7ccdc56f4c27272ccf6fb7bdcb67	2
Name: mscms32.dll MD5: 6d1c7ccdc56f4c27272ccf6fb7bdcb67 Size: 252.41 KB (252416 bytes) Detections: 2 Type: Dynamic link library Path: %WINDIR%\system32 Group: Malware file Last Updated: December 28, 2010
15.	authz32.dll	36e411823194c0e1fe91b8f75d3a6b4d	2
Name: authz32.dll MD5: 36e411823194c0e1fe91b8f75d3a6b4d Size: 418.81 KB (418816 bytes) Detections: 2 Type: Dynamic link library Path: %WINDIR%\system32 Group: Malware file Last Updated: December 28, 2010
16.	SkyShield.sys	30cbd19534aed6fc0611b3146f7722a2	1
Name: SkyShield.sys MD5: 30cbd19534aed6fc0611b3146f7722a2 Size: 8.42 KB (8422 bytes) Detections: 1 Type: System file Path: D:\Belgeler\1299_Client_HiimOki Group: Malware file Last Updated: January 9, 2011
17.	ndiswan.sys	d618eedfdbe3c753c9bf82611427fad5	1
Name: ndiswan.sys MD5: d618eedfdbe3c753c9bf82611427fad5 Size: 91.52 KB (91520 bytes) Detections: 1 Type: System file Path: %WINDIR%\System32\DRIVERS Group: Malware file Last Updated: December 21, 2010
18.	i8042prt.sys	77022784e8da14515d1f09fe38f5e8f9	1
Name: i8042prt.sys MD5: 77022784e8da14515d1f09fe38f5e8f9 Size: 53.24 KB (53248 bytes) Detections: 1 Type: System file Path: %WINDIR%\System32\DRIVERS Group: Malware file Last Updated: March 22, 2011
19.	api-ms-win-core-handle-l1-1-032.dll	83a2806d43cdd608df238cd802481f2e	1
Name: api-ms-win-core-handle-l1-1-032.dll MD5: 83a2806d43cdd608df238cd802481f2e Size: 260.6 KB (260608 bytes) Detections: 1 Type: Dynamic link library Path: %ALLUSERSPROFILE% Group: Malware file Last Updated: December 24, 2010
20.	pctuto_353.exe	be8ea443c78032bb9ebc8c27d7b195b0	1
Name: pctuto_353.exe MD5: be8ea443c78032bb9ebc8c27d7b195b0 Size: 1.87 MB (1874320 bytes) Detections: 1 Type: Executable File Path: %USERPROFILE%\Mes documents\PHOTOSHOP\CADRES Group: Malware file Last Updated: May 6, 2011

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

VirTool:WinNT/Rootkitdrv.HS

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove VirTool:WinNT/Rootkitdrv.HS

File System Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen