1. /
  2. Security Response/
  3. Trojan.Mebroot!gen2


Risk Level 1: Very Low

November 12, 2010
November 8, 2012 3:57:27 PM
Systems Affected:
Windows 2000, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
Trojan.Mebroot!gen2 is a heuristic detection used to detect threats associated with Trojan.Mebroot.

For more information, please see the following resource:

Antivirus Protection Dates

  • Initial Rapid Release version November 12, 2010 revision 020
  • Latest Rapid Release version November 12, 2010 revision 020
  • Initial Daily Certified version November 12, 2010 revision 024
  • Latest Daily Certified version November 12, 2010 revision 024
  • Initial Weekly Certified release date November 17, 2010
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Moderate
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Opens a back door on the compromised computer.
  • Releases Confidential Info: Installs modules that attempt to steal information.
  • Causes System Instability: Modifies the Master Boot Record (MBR).
  • Compromises Security Settings: Bypasses firewalls and other security software.


  • Distribution Level: Low
Note: On May 14, 2015, modifications will be made to the threat write-ups to streamline the content. The Threat Assessment section will no longer be published as this section is no longer relevant to today's threat landscape. The Risk Level will continue to be the main threat risk assessment indicator.

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report