Aces High Bulletin Board
General Forums => Hardware and Software => Topic started by: TequilaChaser on June 28, 2011, 05:03:33 PM
-
Posted: June 27th, 2011 6:30 pm
PCWorld » Security
Rootkit Infection Requires Windows Reinstall, Says Microsoft
Microsoft is telling Windows users that they'll have to reinstall the operating system if they get infected with a new rootkit that hides in the machine's boot sector.
A new variant of a Trojan Microsoft calls "Popureb" digs so deeply into the system that the only way to eradicate it is to return Windows to its out-of-the-box configuration, Chun Feng, an engineer with the Microsoft Malware Protection Center (MMPC), said last week on the group's blog .
"If your system does get infected with Trojan:Win32/Popureb.E, we advise you to fix the MBR and then use a recovery CD to restore your system to a pre-infected state," said Feng.
A recovery disc returns Windows to its factory settings
NOTE: Read the complete Report / Original Article at the Link below........
Original Article Link: http://www.pcworld.com/article/231255/rootkit_infection_requires_windows_reinstall_says_microsoft.html
Hope posting this here, might be useful to someone ( but seriously Hope noone has ran in to this problem )
TC
-
Good time to have a shadow copy like acronis, ghost, paragon, etc. Format and restore and overwrite the mbr at the same time.
-
Posted: June 27th, 2011 6:30 pm
PCWorld » Security
Original Article Link: http://www.pcworld.com/article/231255/rootkit_infection_requires_windows_reinstall_says_microsoft.html
Hope posting this here, might be useful to someone ( but seriously Hope noone has ran in to this problem )
TC
It does not require reinstall. Just MBR fix and cleanup. The writer of the article just can't read.
Here's the MS blog post mentioned in article:
http://blogs.technet.com/b/mmpc/archive/2011/06/22/don-t-write-it-read-it-instead.aspx
-
It does not require reinstall. Just MBR fix and cleanup. The writer of the article just can't read.
Here's the MS blog post mentioned in article:
http://blogs.technet.com/b/mmpc/archive/2011/06/22/don-t-write-it-read-it-instead.aspx
Thanks Bighorn for posting the actual MS technet Blog......... it was not originally included on the pcworld article I posted the reference link of....... which is kind of strange, just about all my previous post like this include the MS reference report along with the news article......
I see that they went and edited/changed the "fix" instructions after I originally posted it here / same day I posted it here ( see quote below ):
Update 6/28/2011:
A clarification was made to the blog content concerning remediation efforts for the malware mentioned
thanks again for the update
<S>
TC
-
Thanks Bighorn for posting the actual MS technet Blog......... it was not originally included on the pcworld article I posted the reference link of....... which is kind of strange, just about all my previous post like this include the MS reference report along with the news article......
I see that they went and edited/changed the "fix" instructions after I originally posted it here / same day I posted it here ( see quote below ):
thanks again for the update
<S>
TC
Yes, in original article they omitted "you must still fix the MBR first" in optional "Windows Restore" fix. Some people actually went that way, and after complete restore their systems remained infected.