Short Bio

Rootkit.Fileless.MTGen is the generic detection for fileless infections that use a rootkit to hide their presence. In most cases, they use registry keys that are designed to run PowerShell commands that carry out the rest of the infection. Besides PowerShell, we have also seen the mshta command used.
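As an added illustration (not Malwarebytes' detection logic and not code from this page), the following Python triages exported autorun registry values for the two launchers named above. The Run key path, the value names and the three heuristics are assumptions of the example; because the rootkit hides these keys on a running system, the input is assumed to come from an offline view of the registry hive.

```python
import re

# Interpreters the page names as being launched from registry values.
INTERPRETER = re.compile(r"(?i)(?<![\w.])(powershell|mshta)(\.exe)?(?![\w.])")

# Heuristic signals (assumptions of this example, not a vendor rule set).
SIGNALS = {
    "inline script URL (javascript: or vbscript:)": re.compile(r"(?i)\b(javascript|vbscript):"),
    "encoded PowerShell command": re.compile(r"(?i)\s[-/]e[a-z]*\s+[A-Za-z0-9+/=]{20,}"),
    "hidden window": re.compile(r"(?i)\s[-/]w[a-z]*\s+hidden\b"),
}

def triage(entries):
    """Return findings for autorun values that start a script interpreter.

    entries: iterable of (key_path, value_name, value_data) tuples.
    """
    findings = []
    for key_path, value_name, data in entries:
        hit = INTERPRETER.search(data)
        if not hit:
            continue  # ordinary executable path, nothing to report
        reasons = ["launches " + hit.group(1).lower()]
        reasons += [label for label, rx in SIGNALS.items() if rx.search(data)]
        findings.append({"key": key_path, "value": value_name, "reasons": reasons})
    return findings

# Constructed sample data: value names and commands are placeholders, not real indicators.
# The Run key stands in for "registry keys"; the page does not say which keys are used.
RUN = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
SAMPLE = [
    (RUN, "OneDrive", r'"C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background'),
    (RUN, "Editor", r"C:\Tools\PowerShellEditor\editor.exe"),
    (RUN, "constructed-1", 'mshta "javascript:/* constructed placeholder */"'),
    (RUN, "constructed-2", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                           " -NoProfile -WindowStyle Hidden -EncodedCommand"
                           " QQBBAEEAQQBBAEEAQQBBAEEAQQA="),
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f['key']}\\{f['value']}: {'; '.join(f['reasons'])}")
```

A value that merely contains the word in a longer name, such as the `PowerShellEditor` path, is not reported; only a value that invokes the interpreter itself is.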

More information about fileless infections can be found in our blog post, Fileless Infections: An Overview.


Some of these Trojans are very difficult to remove. Make sure that the scan for rootkits in Malwarebytes is enabled under “Scan options” on the “Protection” tab.
