Current category:Malware

Rootkit Woes

Rootkits are a particularly nasty form of malware, in-so-far as once they install, they cover their tracks and make it very difficult to find them, let alone uninstall.

A case in point is the particularly nasty Win32:Popureb.E variant bootkit (so-called because it uses the master boot record (MBR) to hide itself), which Microsoft announced on their technet blog that not only is a complete reinstall of the OS necessary to remove the malware, but the MBR also needs to be fixed before the reinstall takes place, something that might be beyond the capabilities of inexperienced users.

This problem is exacerbated further due to their being no one simple process to clean the MBR, but differing processes, dependent on the operating system you are using, using either the Windows Recovery Console and BOOTREC.exe to fix the MBR or other tools, post XP (Detailed instructions here: for Windows XP, Windows Vista and Windows 7).

But what can you do to prevent rootkit infections in the first place?

  1. Make sure your antivirus supports rootkit detection (VIRUSfighter Pro and VIRUSfighter for Servers does)
  2. Be exceedingly careful what sites you visit, and what you download
  3. Keep your system patched when such patches are offered by the OS
  4. If you are unsure of how to deal with issues, hire a professional (which does not need to be expensive) to solve them for you
  5. Don’t “leave it” for now, hoping the problem will go away, or correct itself – it rarely does, and you are left vulnerable to further malware infection and identity theft
Surfing with care, an up-to-date antivirus and an excellent anti-spyware can help, as well as keeping your system patched with the latest updates from Microsoft.
GD Star Rating
loading...

About Justin Bellinger

Justin is an experienced software professional, having worked in software and software security for nearly 20 years. Justin is VP of Security Products at SPAMfighter.
This entry was posted in Malware and tagged , , , , . Bookmark the permalink.

2 Comments

  1. Bond says:

    I would like you to keep up the good work.You know how to make your post understandable for most of the people.I will definitely share it with others.Thanks for sharing.

  2. Dixia Shi says:

    Great post! Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. They can lie hidden on computers and remain undetected by antivirus software. Removing rootkits without compromising system integrity is particularly challenging and needs to be done with care.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>