ping
I may have had this. A Google search on popureb shows an MS site which says it “displays advertisements”. That was my problem, plus of course I couldn’t get rid of it. After various consultations, I installed Norton Antivirus from a purchased CDROM, which seemed to get rid of it. I’ve been running for some time now without being bothered. The Norton software impressed me as some serious s**t. It didn’t just do a sweep, but asked if you still had a problem and escalated. It even had explicitly designated anti-Rootkit software, which I invoked. Well, who knows, but as I say, it certainly seems to have worked.
From the comments: You do not need to reformat.
This article needs to be corrected. The source does NOT say you have to reinstall Windows. Here is how to recover from it. This will not force you to reinstall Windows.
“If your system does get infected with Trojan:Win32/Popureb.E, we advise you to fix the MBR and then use a recovery CD to restore your system to a pre-infected state (as sometimes restoring a system may not restore the MBR). To fix the MBR, we advise that you use the System Recovery Console, which supports a command called “fixmbr”.”
>At the time, Microsoft’s advice was similar to what Feng is now offering for Popureb.
“If customers cannot confirm removal of the Alureon rootkit using their chosen anti-virus/anti-malware software, the most secure recommendation is for the owner of the system to back up important files and completely restore the system from a cleanly formatted disk,” said Mike Reavey, director of the Microsoft Security Response Center (MSRC), in February 2010.<
*
pFFFT. I solved the Alureon rootkit without re-booting. What do I know. I consulted for Kaspersky and an Avast “Evangelist”. Relying on your anti-virus software alone and Malwarebytes isn’t enough.
I actually witnessed a rootkit take down the Pro version of Malwarebytes. Now that’s scary.
So if this rootkit infection hides from your security programs, how do you know if you are infected?
I use several programs with heuristic scanning that is supposed to prevent any changes and my scans always come up clean.
MBR and Recovery do not require reinstallation. Typical overhyped nonsense.
Simply use FREE Kaspersky TDS
http://support.kaspersky.com/viruses/solutions?qid=208280684
Step one: Stop the virus using rkill. It's FREE.
http://www.bleepingcomputer.com/download/anti-virus/rkill
You can rename it to something other than rkill in case the virus looks for rkill and does not allow it to be run. Save it as suzie, for example.
Step two: Then run Kaspersky Root Kill Remover
Step three: Then run Malwarebytes - Costs money but works 100%.
Don't ever pay the scammers for the "Cure", they will take your money and Credit Card data.
No need to ever reinstall your OS.
Maybe you need to do the steps in Safe Mode (F8 as the PC boots), but not always.
While not a "Guru" but after having had a puter for 26 years (starting off with an ol' Kaypro in 85 which required learning DOS and working my way up to and thru all the Windows programs... it got to the point I could repair/reinstall Win 98 in my sleep...) I am not exactly a neophyte, either.
That said, I tried every virus/malware program I knew of (including Spybot, Spyware Doctor, Avast, AVG, Malwarebytes, Adaware, System Mechanic, and maybe a couple of others I can't think of) all to no avail.
That's the 1st time I've not been able to fix a puter that had been infected including the dreaded "About Blank," thus whatever it was, is the worst yet and I keep thinking how I'd like to get my hands on all these bottom-feeding scumbags who develop these programs for whatever pleasure they derive therefrom and even at my advanced age, put (or try anyway?) a whooping on them they would not soon forget.
"There ought to be a law....."
You guys are all writing about what program you can install to get rid of a rootkit like this, but when the rootkit completely seizes control of your computer and you cannot even shut it down, use the mouse, etc., you can’t install jack.
Mark
Bump to find later.
If you save your data to an external hard drive - then go back to original factory - and reload from the external... will the bad stuff reload with the data?
I’m not worried — I use Linux.
A new variant of a Trojan Microsoft calls "Popureb" digs so deeply into the system that the only way to eradicate it is to return Windows to its out-of-the-box configuration, Chun Feng, an engineer with the Microsoft Malware Protection Center (MMPC), said last week on the group's