Rootkit infection requires Windows reinstall, says Microsoft

Discussion in 'malware problems & news' started by ronjor, Jun 27, 2011.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,910
    Location:
    Texas
    http://www.infoworld.com/d/security/rootkit-infection-requires-windows-reinstall-says-microsoft-398
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    And this is why prevention is so important.
     
  3. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    MSE does protect you against it.
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    The article doesn't provide much information. What does it actually do? How is the user infected?

    edit: Proper prevention?
     
    Last edited: Jun 27, 2011
  5. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    Re-loading a clean image should do the trick as well, I gather.
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,910
    Location:
    Texas
  7. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I also would like to know about that. :isay:
     
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I mean, it doesn't tell us any symptoms...
     
  10. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    gotcha
     
  12. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Well, what remains to be seen is whether or not variant E has the same symptoms as variant B, or if it will have more.
     
  13. wat0114

    wat0114 Guest

    What else is new?? We see this all the time, where an article explains the damage it can do, but not how it infects, nor how it can be avoided (probably very easily avoided, no doubt). Nothing but bs scare tactics. Another crock of sh&#. More fodder for those who feast off of this kind of sensationalistic crap, just to stir up their stagnating imaginations, because they don't really have a life in the first place.
     
  14. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Why in the hell would Microsoft want to use scare tactics when talking about a vulnerability in its own system?

    Though the article misrepresents what they say -- Microsoft does NOT suggest reformatting, they suggest system restoring.
     
  15. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Vulnerability? I haven't seen any mentions of any vulnerabilities o_O Am I missing something? :doubt:

    Regarding the scareware tactics, don't forget that Microsoft also has a paid-for antimalware application. And, according to some tests Microsoft Security Essentials hasn't been doing so great. MSE shares the same engines as the paid-for product.

    This is passing a message, clearly.

    Source: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Popureb.E
     
  16. cm1971

    cm1971 Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    727
    This is where imaging would come in. In a few minutes you could be right back where you were.
     
  17. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    The title is wrong. A Windows reinstall cannot fix the boot sector, although the setup disc can.
     
  18. guest

    guest Guest

    I always re-image if I get any kind of infection
    this is the only safe way to do it anyhow

    but it doesn't happen but very rarely (luckily)
     
  19. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    I'm going to release a blog post with more technical details ;)
     
  20. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Yeah! I'm always ready for more Hex.
     
  21. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,411
    Location:
    Lancashire
    Been testing this malware in a virtual machine. 1 question I would like answering is: does anyone know if an infected system needs to restart for this malware to function correctly?

    I ask this because I infected a virtual machine with this malware and it was not too hard to remove the malware and redirection of Internet Explorer, but I think this might have been due to the fact that I forgot to restart the system before I tried removing the malware.
     
  22. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    646
    Location:
    Sydney Australia
    @treehouse786
    Yes reboot after infection to enjoy the carnage ;)
     
  23. RT808

    RT808 Registered Member

    Joined:
    May 16, 2011
    Posts:
    9
    So the big powerhouse anti-virus firms can't remove it? MS must be desperate to issue something like that.
     
  24. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,411
    Location:
    Lancashire
    lol thanks, will have a go tonight
     
  25. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,411
    Location:
    Lancashire
    OK, I let the machine restart before attempting to remove it, was pretty easy, am I missing something here? What's the big fuss about this malware?
     