How to remove “Rootkit.50912 (B)”?

Rootkit.50912 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Rootkit.50912 (B) virus do?

  • Authenticode signature is invalid
  • Creates a copy of itself

How to identify Rootkit.50912 (B)?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-09-17 16:25:04

Version Info:

0: [No Data]

Rootkit.50912 (B) also known as:

Lionic: Trojan.Win32.Reconyc.4!c
FireEye: Generic.mg.66f25a53520423e6
ALYac: Rootkit.50912
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_70% (W)
Alibaba: Trojan:Win32/Reconyc.1faf4511
BitDefenderTheta: Gen:NN.ZexaF.34592.duW@aiZLpbci
Cyren: W32/NewMalware-Rootkit-I-based!
Symantec: ML.Attribute.HighConfidence
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Reconyc.efkk
NANO-Antivirus: Trojan.Win32.TrjGen.edgisr
Avast: Win32:Malware-gen
Tencent: Win32.Exploit.50912.bmzq
Emsisoft: Rootkit.50912 (B)
Comodo: Malware@#2ix009hq8yr9v
VIPRE: Rootkit.50912
TrendMicro: TROJ_GEN.R002C0RHD22
McAfee-GW-Edition: BehavesLike.Win32.NetLoader.qm
Sophos: Mal/Emogen-Y
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan/Genome.bhib
Google: Detected
Avira: RKIT/50912.A.1
Antiy-AVL: Trojan/Generic.ASMalwS.35E5
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Rootkit.50912
Cynet: Malicious (score: 99)
McAfee: Artemis!66F25A535204
MAX: malware (ai score=84)
VBA32: BScope.Trojan.Reconyc
TrendMicro-HouseCall: TROJ_GEN.R002C0RHD22
Rising: Trojan.Reconyc!8.153 (CLOUD)
Ikarus: Rootkit
Fortinet: W32/Emogen.Y
AVG: Win32:Malware-gen
Cybereason: malicious.352042
Panda: Generic Malware

How to remove Rootkit.50912 (B)?

Rootkit.50912 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
