Get Satisfaction uses Javascript and cookies.

You'll need to enable Javascript and cookies to log-in and participate.

Share Follow

Know any helpful people?
Email this to a friend
- Your Name:
- Your Email:
- Email to: Enter up to 5 email addresses separated by commas
- Add an optional message
- Optional Message:
  Character limit of 1000 characters
- Or cancel
Twitter this
Share on Facebook
Get a short URL

Share it on these other sites

6 replys made

5 persons participating

The mood in here

happy 1

silly 0

indifferent 0

sad 1

Products & Services

VIPRE Antivirus + Antispyware

Add a product

This topic is tagged

Add a tag

Generic MBR rootkit question

Last night my scan results listed a generic MBR rootkit. The recommended action was to quarantine this but after running the clean function it changed it to allowed. Tonight this did not show up on my deep scan or a quick scan. How do I find and remove this rootkit?

I’m confused

Inappropriate?

Reply to this question

3 people have this question

I have this question, too! Tell me when someone answers.
The more people who ask this question, the more it gets noticed.

Create a customer community for your own organization

Plans starting at $19/month

Remove Inappropriate?
Delete or Edit

Peterh replied on April 01, 2009 14:18

Mark, Thank you for posting you question.

This is a false positive, it associated with files from backup and restore software. It is not dangerous, and VIpre is not removing the file so it wont cause the backup program to stop working. We are already working to resolve this, it will be in new definitions that it is fixed, which will be sent out automatically

If you have any questions please let us know.
Thanks,
Peter

this answers the question

2 Comments Add a comment This answers the question
Remove
John Manougian commented on May 06, 2009 00:36

I have the same problem with the same Generic MBR Rootkit and while my Counterspy labels it SEVERE it is unable to remove it.
Remove
Mike Williams commented on May 06, 2009 14:04

Hi John,
We have discovered that this Generic MBR root kit appears when Vipre is scanning a section of the hard drive that has been encrypted by back up software such as Goback.
We are working on a way to get around this notification and should have it corrected soon.
Remove Inappropriate?
Delete or Edit

Mark Wolf replied on April 03, 2009 01:22

thanks

I’m thankful

this answers the question

2 Comments Add a comment This answers the question
Remove
John Manougian commented on May 07, 2009 03:00

Thanks Peter. I hope that this gets addressed soon and Yes, I do use GoBack. In the meanwhile, what damage does this MBR root kit do and what should I do until the problem is corrected?
Remove
Nick H. commented on May 07, 2009 13:07

John,

This MBR rootkit detection is a false positive. This means it's not an actual threat so it doesn't do any damage. At the moment VIPRE is set to report only on the MBR rootkit so it won't attempt to remove any traces relating to this detection. Basically, I'd suggest just ignoring the MBR rootkit detection until this is resolved.

Reply to Mark Wolf's question

(Some HTML allowed)

The mood in here

Products & Services

This topic is tagged

Related topics in Sunbelt Software

Generic MBR rootkit question