Microsoft has exposed a new alternative on a boot kit which is much malicious that Microsoft recommends reinstalling Windows from a recovery CD.
Chun Feng, an engineer with the Microsoft Malware Protection Center, warned that users will have to roll back Windows via a recovery CD if they are infected with Popureb.E, which now includes a driver component that triggers at boot time.
The malware identifies the actual startup disk and infects DriverStartIO; it overwrites the MBR write application to read operation. If your system is infected by this malicious malware, the data cannot be written and hence the system gets affected by the malicious malware. Thus it does not allow the antivirus to overwrite the MBR and hence the malware cannot be removed. Therefore there is no other way of removing the Popured.E but re-installing the windows.
It is recommended by Microsoft to try and fix the malware with the help of System Recovery Console and use the “fixmbr” command. If it is not removed, there is only one way and that is using the recovery CD to restore the System to an earlier, pre-infected state. The recovery CD will reboot the windows and hence makes the boot sector free from malwares. But while using the Microsoft recovery CD, make sure that you have a clear idea on booting or you can also consult the Microsoft support squad. Again it also said that there is one more alternative to it and it is to get a Mac.
But there are many anti viruses who do not worry about these malwares and say that it is detected as Trojan and hence can be removed by Trojan Remover. Hence there is an ongoing debate on this topic and Microsoft says that it is not a Trojan but dubbed as E. So Symantec have been toiling hard to get a removal tool for this malicious malware.
No comments:
Post a Comment