Rootkit:W32/Xanti.gen!A is a Generic Detection that identifies malware attempting to create a device file on the computer named \Device\Beep.
About Generic Detections
Unlike signature or single-file detections, a Generic Detection does not identify a unique or individual malicious program. Instead, a Generic Detection looks for broadly applicable code or behavior characteristics that indicate a file as potentially malicious, so that a single Generic Detection can efficiently identify dozens, or even hundreds of malware.
If the malware manages to run, it will create the following files:
The malware may also drop additional malicious programs onto the system:
- cru629.dat - Detected by Backdoor.Win32.Small.cbo, Trojan.Agent.AIER
- braviax.exe - Detected by Trojan-Clicker.Win32.Delf.akw, Trojan.Crypt.EQ
When one of the following processes are executed:
The malware will create the following launchpoints in the Windows Registry: