What is Rootkit.Fileless.MTGen?


Hey all, I've been using Malwarebytes for a while now and this is a first for me.

 

I was playing an online game (World of Tanks) and my mic suddenly turned off. Long story short, I found out that something is messing with my microphone property levels. It keeps going to 0 and muting itself. That prompted me to run a scan, which found a trojan that Malwarebytes removed. But after a restart and another scan, I found these...

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/22/2015
Scan Time: 4:48 PM
Logfile: damnmalware.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.12.22.07
Rootkit Database: v2015.12.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Gil
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 330294
Time Elapsed: 5 min, 24 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 2
Rootkit.Fileless.MTGen, HKU\S-1-5-21-1093315256-1789474725-1622760118-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|^52a9c091, , [b86723858ffc61d5c0014938966dc63a], 
Rootkit.Fileless.MTGen, HKU\S-1-5-21-1093315256-1789474725-1622760118-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|^9e1992f0, , [27f8763227641224249d6d14649fa957], 
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
It keeps appearing every time I run the scan. Is this a real threat or a false positive?
 
Running McAfee full system scan right now. Will update later if it finds anything.

Hello and welcome:
 

 

We are not permitted to review scan logs or work on possible malware-related issues here in this section of the forum.
Such work is conducted in a special forum area reserved for that purpose, or at the help desk.

 

But it also looks as if you are running an older, outdated MBAM version (2.1.8).

The current version is 2.2.0.

So, you might want to start with a clean upgrade to the current build, by carefully following the steps in this tutorial: MBAM Clean Removal Process 2x

If that doesn't resolve your issue, then I suggest that you might want to please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
It explains the options for free, expert help >>AND<< the suggested, preliminary steps to expedite the process.
A malware analyst will assist you with looking into your issue.

 

On the other hand, if you think the detections might be a "false positive" by MBAM, I suggest starting first with the sticky topic here.

Then, please post the requested information over in the File Detections False Positives sub-forum.

The Malwarebytes researchers will review the information and will advise you.

Thanks,

