[Date Prev][Date Next][Subject Prev][Subject Next][ Date Index][ Subject Index]

Re: OT Re: virus warning

Subject: Re: OT Re: virus warning
From: J R FOX jr_fox@xxxxxxxxxx
Date: Tue, 5 Jul 2011 08:09:25 -0700 (PDT)

--- On Sat, 7/2/11, Robert Holmgren  wrote:

> > Best hope you don't get this
> > http://tech.slashdot.org/story/11/06/27/2355205/Rootkit-Infection-Requires-Windows-Reinstall
>
> The Microsoft engineer, quoted above, who said you had to
> do a
> complete reinstall, withdrew his advice several days later.
>
> It's total bunk.
>

The SysInternals crew have had a rootikit detection tool
and instructions available for quite some time (where their
other tools can be found), but it is from 2006, so I would
wonder if it is sufficiently up to date.

> All you do to kill rootkits is boot from a CD that doesn't
> access the hard disk's Master Boot Record; then you replace
> the > MBR and/or the boot sector.  It isn't difficult.

Not difficult for you or for Flash, but I would not extend
that to everyone. I have made MBR backups with DFSEE, but
never had to attempt to restore one, much less in a crisis
situation. It is likely something I could handle, though
I'm not that eager to find out.

 Jordan

Prev by Date: Re: OED
Next by Date: Re: Windows XP and new hardware
Previous by thread: Re: OT Re: virus warning
Next by thread: OT: Re: Windows registry cleanup
Index(es):
- Date
- Subject