Posted on 06/27/2011 10:21:23 PM PDT by Gomez
Microsoft is telling Windows users that they'll have to reinstall the operating system if they get infected with a new rootkit that hides in the machine's boot sector.
A new variant of a Trojan Microsoft calls "Popureb" digs so deeply into the system that the only way to eradicate it is to return Windows to its out-of-the-box configuration, Chun Feng, an engineer with the Microsoft Malware Protection Center (MMPC), said last week on the group's blog.
"If your system does get infected with Trojan:Win32/Popureb.E, we advise you to fix the MBR and then use a recovery CD to restore your system to a pre-infected state," said Feng.
A recovery disc returns Windows to its factory settings.
(Excerpt) Read more at computerworld.com ...
Preach it. I'm writing this on a laptop with the latest version of Linux Mint.
I have the feeling that this may be what is infecting a relative's computer from that description I've read. She called me late last week and said that she'd opened an email from a friend with what was supposed to be photos. Her anti-virus warned her not to open it, but she did anyway. The way she described it, opening the file installed something, which took her to websites, which installed something she couldn't stop, which did something else, and then it gets garbled. She isn't quite sure.
Ooopsie.
Anyone want to guess what I'm doing this weekend?
I hate Windows.
While not a "Guru" but after having had a puter for 26 years (starting off with an ol' Kaypro in '85 which required learning DOS and working my way up to and thru all the Windows programs...it got to the point I could repair/reinstall Win 98 in my sleep...) I am not exactly a neophyte, either.
That said, I tried every virus/malware program I knew of (including Spybot, Spyware Doctor, Avast, AVG, Malwarebytes, Adaware, System Mechanic, and maybe a couple of others I can't think of) all to no avail.
That's the 1st time I've not been able to fix a puter that had been infected including the dreaded "About Blank," thus whatever it was, is the worst yet and I keep thinking how I'd like to get my hands on all these bottom-feeding scumbags who develop these programs for whatever pleasure they derive therefrom and even at my advanced age, put (or try anyway?) a whooping on them they would not soon forget.
"There ought to be a law....."
Hahahaha... it sure sounds like you have a "small man" syndrome complex there...
I am under the impression that Linux will not run Windows programs. Is this a correct impression?
If correct, the problem with Linux then is acquiring and learning new software, and doing without those programs for which Linux has no equivalent.
Linux will not run Windows programs without some help. It is a completely different OS, after all.
However, there is a very common program, called WINE, that will allow you to run most Windows programs.
If correct, the problem with Linux then is acquiring and learning new software,...
...kinda like learning new versions of Office or other major upgrades. Not a big deal, actually.
...and doing without those programs for which Linux has no equivalent.
Not many of those. I can actually think of more Linux software that has no Windows equivalent, than the other way around. You'd have to have pretty obscure, and specific, titles to have no Linux equivalent these days.
Hey, another Minter here. Although Clement Lefebvre (sp?) (main Mint developer) asked supporters of Israel to neither contribute funds to or use Mint. I missed seeing such a restriction in the underlying general public license, so I enjoy Mint nonetheless.
It’s great to have a dual boot machine and Mint on a “disposable” laptop.
Ubuntu, the most popular Linux flavor, has a utility named “wine” which runs many Windows programs. I’ve used it, it was clunky but got the job done. Many Linux distros can be dual booted and live comfortably next to a Microsoft OS. Linux has a library of tens of thousands of various programs, though the quality and duplication between these programs is a problem, but not an insurmountable one. Depends on what you are looking for.
Linux is not yet and probably never will be, despite its claims, as successful and complete as Microsoft or Apple OSes. But it has its strengths and is a free back up with some options.
You guys are all writing about what program you can install to get rid of a rootkit like this, but when the rootkit completely seizes control of your computer and you cannot even shut it down, use the mouse, etc., you can’t install jack.
People have their priorities. Those "few hours" every few months are valuable to me.
I can have a computer 10X better than a Mac for $300.
The $280 Dell does not include a $220 monitor.
The same Mac would cost me $3,000
The basic iMac -- which includes a monitor -- is $1,200 and has far more features than the basic Dell including a much better processor.
The only Macs costing $3,000 are specialty products.
and I'd be stuck with crap-Mac products "cloud" nonsense.
You don't need to use "the cloud" with a Mac any more than you need to use "the cloud" with a PC.
But wait, you get to keep all my data in your freaking "cloud"
If you want, although I leave my stuff on my hard drive & use "the cloud" for a backup for some things.
Mark
Most of the Alureon/FakeAV family of viruses only infect the user they arrived on - simply creating another user often will give you access... there are several ways to do that with self-booting tools. More can be thwarted from safe mode. Only the true rootkit varieties require using rescue media.
For that, you should look into the various WinRE/WinPE Rescue platforms, or use one of the prepared anti-virus boot disks available (BitDefender, Kaspersky, etc) which run on WinPE or Linux. But no tech should be without a solid WinRE/WinPE boot disk.
As to the actual removal, Kaspersky's TDSSKiller does the trick neatly, with a follow-up using Kaspersky's AVPTool once the machine is bootable again. After that, install a good AV (Kaspersky, Nod32, FProtect, Avira, MSE, etc), Malwarebytes, Spybot Search & Destroy, and CCleaner: Scan with all of them to clean up any residuals, and leave them on the box - Use them weekly, practice safe-hex, and you won't have problems anymore.
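Both the Microsoft advice in the excerpt (fix the MBR, then restore) and the rescue-media workflow above rest on the same point: a boot-sector rootkit lives in the first 512 bytes of the disk, outside the filesystem that in-Windows scanners look at. The script below, added here as an illustration and not code from Microsoft, Kaspersky or any poster, parses a classic MBR (440 bytes of boot code, disk signature, four 16-byte partition entries, the 0x55AA signature) and compares the boot code against a SHA-256 baseline recorded when the machine was known clean. The MBR bytes it checks are constructed inline; on a real machine you would read the first 512 bytes from the raw disk (`\\.\PhysicalDrive0` on Windows, `/dev/sda` on Linux) from a rescue boot, since a running rootkit can hide its own sector from the OS it has compromised.

```python
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_LEN = 440        # bytes 0..439: boot code (classic MBR layout)
PARTITION_TABLE_OFF = 446  # four 16-byte partition entries
SIGNATURE_OFF = 510        # 0x55AA boot signature at bytes 510..511
PART_ENTRY_FMT = "<B3xB3xII"  # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count


def parse_mbr(mbr: bytes) -> dict:
    """Decode the fields of a 512-byte MBR, skipping empty partition entries."""
    if len(mbr) != MBR_SIZE:
        raise ValueError(f"expected {MBR_SIZE} bytes, got {len(mbr)}")
    partitions = []
    for i in range(4):
        off = PARTITION_TABLE_OFF + 16 * i
        status, ptype, lba_start, sectors = struct.unpack_from(PART_ENTRY_FMT, mbr, off)
        if ptype == 0:
            continue  # unused slot
        partitions.append({
            "bootable": status == 0x80,
            "type": ptype,
            "lba_start": lba_start,
            "sectors": sectors,
        })
    return {
        "valid_signature": mbr[SIGNATURE_OFF:SIGNATURE_OFF + 2] == b"\x55\xAA",
        "disk_signature": mbr[BOOT_CODE_LEN:BOOT_CODE_LEN + 4].hex(),
        "partitions": partitions,
    }


def boot_code_hash(mbr: bytes) -> str:
    """SHA-256 of the boot code only; the partition table may legitimately change."""
    return hashlib.sha256(mbr[:BOOT_CODE_LEN]).hexdigest()


def check_mbr(mbr: bytes, baseline_hash: str) -> list:
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    info = parse_mbr(mbr)
    if not info["valid_signature"]:
        findings.append("missing 0x55AA boot signature")
    if boot_code_hash(mbr) != baseline_hash:
        findings.append("boot code differs from recorded baseline")
    active = [p for p in info["partitions"] if p["bootable"]]
    if len(active) != 1:
        findings.append(f"{len(active)} active partitions (expected exactly 1)")
    return findings


def build_mbr(boot_code: bytes, partitions: list) -> bytes:
    """Assemble a constructed MBR from boot code and (bootable, type, lba, count) tuples."""
    code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")[:BOOT_CODE_LEN]
    disk_id = b"\x12\x34\x56\x78" + b"\x00\x00"  # constructed disk signature + reserved
    table = b"".join(
        struct.pack(PART_ENTRY_FMT, 0x80 if bootable else 0x00, ptype, lba, count)
        for bootable, ptype, lba, count in partitions
    ).ljust(64, b"\x00")
    return code + disk_id + table + b"\x55\xAA"


# Constructed "known clean" MBR: typical boot-code prologue, one active NTFS system
# partition at LBA 2048 and a second NTFS partition; these are sample values.
CLEAN_MBR = build_mbr(
    b"\xfa\x33\xc0\x8e\xd0\xbc\x00\x7c",
    [(True, 0x07, 2048, 204800), (False, 0x07, 206848, 1000000)],
)
BASELINE_HASH = boot_code_hash(CLEAN_MBR)  # would be recorded while the box is clean

# Constructed "tampered" MBR: same partition table, first bytes of boot code replaced,
# which is what an MBR-hooking rootkit's changes look like to an integrity check.
_tampered = bytearray(CLEAN_MBR)
_tampered[0:3] = b"\xeb\x3c\x90"
TAMPERED_MBR = bytes(_tampered)

if __name__ == "__main__":
    for name, sector in (("clean", CLEAN_MBR), ("tampered", TAMPERED_MBR)):
        findings = check_mbr(sector, BASELINE_HASH)
        print(f"{name}: {findings or 'OK'}")
```

Keeping the hash over the boot code only (not the whole sector) matters: the partition table and disk signature change for legitimate reasons, so hashing all 512 bytes would produce false alarms after any repartitioning. The baseline must be captured and stored off the machine while it is known clean; a hash taken from an already-infected disk just enshrines the rootkit.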
“Computer trade magazines are for tech management idiots who couldn’t find their asses if they had four robots searching at the top of their legs”
My twenty-something age son has been reading tech journals since he was 13. He is pretty much self-taught and has a high level job analyzing servers for his employer.
The company recently completed a merger which required him to analyze several vendor processes and recommend the best one for the company’s needs. He had to fight with the boardroom execs who don’t know jack and it almost ended up being a total cluserfark.
His comment to me: “I used to read about this kind of monumental corporate screw-ups in the trade journals and now I’m part of it!”
Funny, I’m told that Macbots never post stuff in Windows threads like use a mac instead.
This was the first reply in the post.
See swordmaker, unless brookhaven was just being sarcastic and making fun of macbots...macbots really do this.
They also have their egos, which seems to make them assume that everybody else's priorities need to be made the same as theirs.
Sorry Brookhaven, replied to the wrong post.
See swordmaker....macbots really do post garbage in windows threads suggesting Macs can’t get a virus. We all know that’s not true. I’m not sure how his post was constructive, but since macbots never do this I’m sure he was just being sarcastic (just as I am).
Hey sword... here’s another macbot muddying up a windows topic. Once again I thought you said this never happens.
Why do the macbots feel it necessary to muddy up windows threads with FUD?