Rootkit.Fileless.MTGen is the generic detection for fileless infections that use a rootkit to hide their presence. In the majority of the cases, they use registry keys that are designed to run Powershell commands that carry out the rest of the infection. Other than Powershell, we have also seen the mshta command.
More information about fileless infections can be found in our blog post, Fileless Infections: An Overview.
Some of these Trojans are very difficult to remove. Make sure that the scan for rootkits in Malwarebytes is enabled under “Scan options” on the “Protection” tab.
Select your language