Published Jul 12, 2010 | Updated Aug 22, 2017

Win32/Bubnix

Severe |Detected with Windows Defender Antivirus

Aliases: Win-Trojan/Rootkit.792064 (AhnLab) TR/Rootkit.Gen (Avira) Gen:Rootkit.Nixoa.1 (BitDefender) Win32/ASuspect.HADYW (CA) Trojan.NtRootKit.5980 (Dr.Web) Trojan.WinNT.Bubnix (Ikarus) Rootkit.Win32.Agent.aioy (Kaspersky) Generic Rootkit.ej (McAfee) W32/Rootkit.BNQN (Norman) Rootkit/Bubnix.A (Panda) Mal/SysPk-A (Sophos) Hacktool.Rootkit (Symantec) TROJ_BUBNIX.SMA (Trend Micro)

Summary

Win32/Bubnix is a generic detection for a kernel-mode driver installed by other malware that hides its presence on an affected computer by blocking registry and file access to itself. The trojan may report its installation to a remote server, download and distribute spam e-mail messages and could download and execute arbitrary files.
Manual removal is not recommended for this threat. Use the Microsoft Malicious Software Removal Tool, Microsoft Security Essentials, Microsoft Safety Scanner, or another up-to-date scanning and removal tool to detect and remove this threat and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.
Follow us