Well, I started reading about the Win32.Ntldrbot Rustock.C rootkit thinggy, and now I’m a bit frightened.
More info:
http://www.virustotal.com/analisis/f3c4811ee9c7129dbabec54356805a62
http://info.drweb.com/show/3342/en
http://forum.sysinternals.com/forum_posts.asp?TID=14844
http://www.wilderssecurity.com/showthread.php?t=208386
I still don’t truly comprehend this piece of malware. Very evasive (high end of polymorphism) and almost impossible to detect and remove once it gets into the system.
A few things:
-How do I prevent infection?
-What does it do? Turns your PC into a bot (part of the botnet), but what info gets sent off?
-How do you tell if you’re infected?
-What is the avast! team doing about it ?
-What are other security companies doing about it ?
Can someone help me understand this piece of malware better? Anyone able to answer some of my questions?
Thanks very much guys. I really appreciate it !!
EDIT-
06-06-08 Added a link to Dr.Web page, which was the first AV to detect the malware.