Comodo's HIPS versus MBR rootkit (changes itself and strikes again!):

Does anyone know something about the new MBR rootkit, and can any HIPS, including Comodo’s, detect it?

Because on Wilders Security forums they say that this new MBR rootkit is undetectable by “normal” HIPS.


I think the PrevX guy explains this quite well…

The HIPS in CIS can prevent it “if properly configured”… However, to clean it once you let the baddie install itself will be harder and possibly require a special cleaning tool… But it’s no hidden fact that a computer that has once been infected cannot be fully trusted. =/ So make sure you prevent the baddies in the first place… I think there is another thread about MBR rootkits somewhere, but I am too lazy to look it up… =/