Microsoft Clarifies Stance on 'Killer Trojan' Removal
Microsoft security experts are having their credentials called into question after sending out premature warnings to users urging them to protect themselves against a new form of covert malware. The Trojan was believed to be so indestructible that only a reinstallation of the entire Windows operating system would remove its presence.
Microsoft first took notice of the Trojan (called Win32/Popureb.E.) sometime last week. After weighing its potential for harm, security officials reasoned that it contained a rootkit hiding beneath an infected machine's boot sector.
Trojan Swaps Write Operation for Read Operation
At the time, MMPC (Microsoft Malware Protection Center) engineer Chun Feng noted that the Trojan was able to detect write operations aimed at the MBR (master boot record) and then swapped out the write operation with a read operation. (Source: techeye.net)
Feng believed the rootkit to be so powerful that those infected were instructed to back up their hard drive and re-install Windows to remove its presence.
Microsoft Engineer Clarifies Threat Severity
The announcement sent hundreds into a frenzy, with many taking Feng up on his reinstallation suggestion. Feng has since changed his mind concerning the severity of the threat and "clarified" Microsoft's position on the issue.
Feng now recommends that "If your system is infected with Trojan:Win32/Popureb.E. we advise fixing the Master Boot Record using the Windows Recovery Console to return the MBR to a clean state." (Source: vietnamtribune.com)
He went on to provide instructions on how to use the Recovery Console for Windows XP, Vista and Windows 7. Feng also added that following these directions would enable the MBR to be scrubbed clean, and users can run antivirus software to scan their PC for additional malware for removal.
Some antivirus companies are offering removal kits for the Trojan, which Feng admits is probably a better option that a complete reformatting of the system.
Free eBook: A Crossroads for Windows XP Users: Windows 7 or Windows 8?. Microsoft's Windows XP has officially been decommissioned as of April 8, 2014, meaning that Microsoft will not longer support the software insofar as security updates are concerned. So, is it really that dangerous to continue using Windows XP? Security experts agree that the answer to that question is a resounding 'Yes!' If you are still using Windows XP, you should upgrade as soon as possible; otherwise, you run a significantly increased risk of being infected by malicious software (malware) - resulting in ID theft, credit card fraud, or worse. This eBook helps users decide which operating system would be the most viable option, depending on your current configuration. Click here to download this eBook now! Note: this eBook is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.