Posted: November 17, 2014
Threat Metric
Threat Level: 1/10
Infected PCs 25

Rootkit.Cidox.G.VBR Description

Rootkit.Cidox.G.VBR is a rootkit that compromises your system to enable other attacks. Members of the Cidox family may support each other in campaigns that lock the Windows desktop to demand a ransom fee or collect information. Since Rootkit.Cidox.G.VBR loads before your operating system, you may need to use advanced anti-malware techniques and tools for deleting Rootkit.Cidox.G.VBR, particularly in the likely event of other threats being in play.

The Thief that Hides behind the Names of Other Thieves

Rootkit.Cidox.G.VBR is one of the several members of the Cidox or Cidex family that may instigate attacks that lock the Windows desktop, preventing any access to most programs. While this attack occurs, pop-up warnings regarding the presence of CryptoWall (a prominent, ransomware-based family of file encryptors) will appear and request money to remove the infection. However, Rootkit.Cidox.G.VBR and other Cidox-based threats merely use these pop-ups as a well-disguised, illicit ransom of their own.

Rootkit.Cidox.G.VBR also may be associated with attempts to redirect your Web browser to unsafe Web domains. Rootkit.Cidox.G.VBR also may enable the collection of data via keylogging, form-grabbing and other techniques that may target typed or browser-entered information. Passwords and login names for bank sites are especially common targets of these attacks.

Rootkit.Cidox.G.VBR may be just one of multiple Cidox components on any infected PC. Rootkit.Cidox.G.VBR is specific to Windows machines, with a structure for installing itself to the NTFS Volume Boot Record. This means of installation allows Rootkit.Cidox.G.VBR's loading before any Windows programs and lets Rootkit.Cidox.G.VBR run without any requirement for a memory process.

Wiping Your VBR Clean of Rootkit.Cidox.G.VBR

Improperly removing Rootkit.Cidox.G.VBR may cause Windows to fail to boot, as is the case with many rootkit-based threats. By itself, Rootkit.Cidox.G.VBR does not necessarily display any symptoms, and anti-malware products not designed for detecting high-level threats may be unable to identify Rootkit.Cidox.G.VBR. To account for Rootkit.Cidox.G.VBR's defenses and the presence of related threats, any scans to remove Rootkit.Cidox.G.VBR should use Safe Mode. Malware experts also encourage using multiple scans during the progress of at least one reboot.

Rootkit.Cidox.G.VBR profits primarily by confusing its victims into believing that their PCs are infected by threatening software that's unrelated to Rootkit.Cidox.G.VBR. Whether or not you believe that your PC has been locked or encrypted by Windows lockers, file encryptors or other forms of ransomware, paying a demanded ransom always is the worst solution to such a security crisis. Using legitimate security tools always is the recourse malware experts recommend, and regular file backups can prevent any long term data loss from such attacks.

Rootkit.Cidox.G.VBR appears to remain in distribution as of November 2014 and is compatible with most modern versions of Windows, such as Windows 7. Its distribution methods still are under investigation.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Rootkit.Cidox.G.VBR may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Rootkits Rootkit.Cidox.G.VBR

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.