- Connects to the internet without permission
- Installs itself without permissions
- Slow Computer
- Slow internet connection
Trojan.Resmu.A!rootkit is a type of rootkit that operates at kernel level, and it is installed by TrojanDropper:Win32/Resmu.A. The presence of the file called srenum.sys indicates that the system is infected with Trojan.Resmu.A!rootkit. This file is usually dropped into the main system folder (System32) that is present in all versions of Windows, even though the exact file path might differ from one version to another. Since this rootkit helps the related malware dropper to download and install additional malware, Trojan.Resmu.A!rootkit is a dangerous infection that has to be removed immediately.
The rootkit is installed onto your computer in order to hook Network Driver Interface Specification, and then use ndisrd driver to connect to a list of remote servers. Through HTTP Trojan.Resmu.A!rootkit is able to connect the following servers: bkglpvdh.com, kknbktja.com, otnvgeve.com, vqjtjqty.org, ximfmhsa.com and many more. Once it connects to these servers, Trojan.Resmu.A!rootkit downloads arbitrary files that once executed add up to the overall system infection.
In a sense, Trojan.Resmu.A!rootkit is not an infection that can stand on its own - it IS a part of the Trojan malware dropper, but this rootkit allows the Trojan to function unnoticed for a time being, damaging your system without you even realizing it. Thus, you have to remove Trojan.Resmu.A!rootkit along with TrojanDropper:Win32/Resmu.A, otherwise, your system will soon be heavily compromised, and you might even need to reinstall the Windows.
Since removing rootkits manually is very hard, and only experienced computer users can do, you are advised to get yourself a trustworthy antimalware program that will kill Trojan.Resmu.A!rootkit for you automatically. At the same time the program will also remove TrojanDropper:Win32/Resmu.A and your computer will be clean again.