New Rootkit Forces Users To Reinstall Windows

Microsoft has revealed that the only way to eradicate a new type of rootkit is to completely reinstall the Windows operating system.

In a blog post, Microsoft’s Chun Feng reported that in order to remove the virus, users would have to use their recovery CDs to reinstate the system to a pre-infected state, which basically means that users would be required to reinstall the operating system.

The rootkit, named ‘Popureb’, embeds itself deep within the boot system of the OS. The virus has been designed in such a way that it is impossible to delete it using a regular anti-virus, as it infects the system’s master boot record.

“If your system does get infected with Trojan:Win32/Popureb.E, we advise you to fix the MBR and then use a recovery CD to restore your system to a pre-infected state (as sometimes restoring a system may not restore the MBR),” Feng explained.

“To fix the MBR, we advise that you use the System Recovery Console, which supports a command called "fixmbr",” he added.

Feng’s post on the Microsoft Malware Protection Center blog contains links to methods of fixing the problem in Windows XP, Vista and Windows 7. Just don't forget to back up your work before you start the process.