Oh dear, oh dear, oh dear.
Things are not looking good for those poor windows users.
Microsoft patches fail on infected Windows
Summary
April security fixes for Windows will not install if the user's machine is infected with the Alureon rootkit.
Topics
April security fixes for Windows will not install if the user's machine is infected with the Alureon rootkit.
The company's latest security patches, released on April 16, will spot the rootkit if present and refuse to continue with installation. The Alureon rootkit was responsible for crashes in February's security updates, including Blue Screen of Death errors for XP users due to the way it interacted with the KB977165 patch, which required kernel access.
April's security bulletin primarily patches vulnerabilities in the kernel, with the most severe exploit allowing a elevation of privileges if an attacker has logged on locally. The patches include 11 security bulletins that fix 25 vulnerabilities, and can be installed once the infected machines are cleaned.
Alureon causes problems with the way Microsoft's patches interact with the kernel, which has led the company to include a package detection logic that prevents the installation of the security update if the rootkit is present on 32-bit systems, according to the MS10-021 bulletin.
For more on this story, read Microsoft patches fail infected Windows users on ZDNet UK.
Just In
Now that you're at it check your neurons too, I mean, both of them.
Great Kahuna posted:
"Oh dear...
Oh dear, oh dear, oh dear.
Things are not looking good for those poor windows users."
When in reality, it's so simple to fix. Anyone can do it. As a bonus, they are told they were the proud winner of a rootkit! Yay!
Problem? What problem?
~~~~~~~~~~~~
Any darn fool can make something complex; it takes a genius to make something simple.
~ Albert Einstein
"Oh dear...
Oh dear, oh dear, oh dear.
Things are not looking good for those poor windows users."
When in reality, it's so simple to fix. Anyone can do it. As a bonus, they are told they were the proud winner of a rootkit! Yay!
Problem? What problem?
~~~~~~~~~~~~
Any darn fool can make something complex; it takes a genius to make something simple.
~ Albert Einstein
Good. Microsoft shouldn't have to code around and clean up someone else's mess.
Yeah, why the hell should they clean up Microsoft's mess, it's not like
they're Microsoft or anything!
...
getamac.
they're Microsoft or anything!
...
getamac.
"Recovery
The Win32/Alureon trojan may enable an attacker to transmit malicious data to the infected computer. Recovering from this situation may require measures beyond removing the trojan itself from the computer. Use the Microsoft Malicious Software Removal Tool, Microsoft Security Essentials, or another up-to-date scanning and removal tool to detect and remove this threat and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx."
Use whatever tool you have at hand, but use it
wisely!
The Win32/Alureon trojan may enable an attacker to transmit malicious data to the infected computer. Recovering from this situation may require measures beyond removing the trojan itself from the computer. Use the Microsoft Malicious Software Removal Tool, Microsoft Security Essentials, or another up-to-date scanning and removal tool to detect and remove this threat and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx."
Use whatever tool you have at hand, but use it
wisely!
Being windows I suppose Microsoft has an easy why for people to get out of that mess.
Could you please explain to those of us using secure but in your opinion not user friendly —if you allow me I beg to vehemently disagree in the strongest terms— OSes just how you do it?
Could you please explain to those of us using secure but in your opinion not user friendly —if you allow me I beg to vehemently disagree in the strongest terms— OSes just how you do it?
"Could you please explain to those of us using secure but in your opinion not user friendly ?if you allow me I beg to vehemently disagree in the strongest terms? OSes just how you do it?"
Where did I say anything about "not user friendly"???
To answer your question, a Windows XP or later
user can download the Malicious Software
Removal tool and let it do the work.
Surely someone as skilled as you could manage
that????
Where did I say anything about "not user friendly"???
To answer your question, a Windows XP or later
user can download the Malicious Software
Removal tool and let it do the work.
Surely someone as skilled as you could manage
that????
After switching to Linux, a truly user friendly OS, I lost all will to mess with user unfriendly OSes such as windows.
I prefer to enjoy a clean computing experience with Linux.
I prefer to enjoy a clean computing experience with Linux.
Excuse my ignorance. When I use Microsoft update which downloads the Malicious Software Tool....does it automatically run it, or do I have to manually run it?
If Manually, how do I do this. Thank you for your help.
If Manually, how do I do this. Thank you for your help.
Quoting Microsoft's web site:
"Microsoft released the Microsoft Windows Malicious Software Removal Tool to help remove specific prevalent malicious software from computers that are running Windows 7, Windows Vista, Windows Server 2003, Windows Server 2008, Windows XP, or Windows 2000. After you download the Microsoft Malicious Software Removal Tool, the tool runs one time to check your computer for infection by specific prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection it finds. Microsoft releases a new version of the tool every month."
From what I've read, this tool is offered both
by Windows Update and the Microsoft Update
website.
"Microsoft released the Microsoft Windows Malicious Software Removal Tool to help remove specific prevalent malicious software from computers that are running Windows 7, Windows Vista, Windows Server 2003, Windows Server 2008, Windows XP, or Windows 2000. After you download the Microsoft Malicious Software Removal Tool, the tool runs one time to check your computer for infection by specific prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection it finds. Microsoft releases a new version of the tool every month."
From what I've read, this tool is offered both
by Windows Update and the Microsoft Update
website.
Google: Results 1 - 10 of about 18,900 for how to run msrt. (0.18 seconds)
http://www.google.com/#hl=en&source=hp&q=how+to+run+msrt
http://www.microsoft.com/security/malwareremove/default.aspx
Malicious Software Removal Tool
Skip the details and download the tool
http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
The Microsoft Windows Malicious Software Removal Tool checks computers running Windows 7, Windows Vista, Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software?including Blaster, Sasser, and Mydoom?and helps remove any infection found.
When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.
Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. The tool is available from Microsoft Update, Windows Update and the Microsoft Download Center.
Note The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if an infection is found. To run this tool more than once a month, use the version on this Web page or install the version that is available in the Download Center.
Because computers can appear to function normally when infected, it's a good idea to run this tool regularly even if your computer seems to be fine. You should also use up-to-date antivirus software to help protect your computer from other malicious software.
To download the latest version of this tool, visit the Microsoft Download Center.
You can also perform an online scan of your computer using the Windows Live safety scanner.
Get a Free Safety Scan
To scan your computer for malicious and potentially unwanted software from a Web site, click:
Windows Live safety scanner.
http://onecare.live.com/site/en-US/center/howsafe.htm?s_cid=mscom_msrt
In a nutshell: get the latest MRT.EXE from steps above. It will run upon install. Subsequently, simply manually run ad-hoc style by executing C:\Windows\System32\MRT.exe for x86 or C:\Windows\SysWOW64\MRT.exe for x64 systems.
It's as simple as that. And it will specifically take care of the Alureon amongst a wide multitude of other malware.
Please enjoy!
~~~~~~~~~~~~~~
The winner is the chef who takes the same ingredients as everyone else and produces the best results.
~ Edward de Bono
http://www.google.com/#hl=en&source=hp&q=how+to+run+msrt
http://www.microsoft.com/security/malwareremove/default.aspx
Malicious Software Removal Tool
Skip the details and download the tool
http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
The Microsoft Windows Malicious Software Removal Tool checks computers running Windows 7, Windows Vista, Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software?including Blaster, Sasser, and Mydoom?and helps remove any infection found.
When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.
Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. The tool is available from Microsoft Update, Windows Update and the Microsoft Download Center.
Note The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if an infection is found. To run this tool more than once a month, use the version on this Web page or install the version that is available in the Download Center.
Because computers can appear to function normally when infected, it's a good idea to run this tool regularly even if your computer seems to be fine. You should also use up-to-date antivirus software to help protect your computer from other malicious software.
To download the latest version of this tool, visit the Microsoft Download Center.
You can also perform an online scan of your computer using the Windows Live safety scanner.
Get a Free Safety Scan
To scan your computer for malicious and potentially unwanted software from a Web site, click:
Windows Live safety scanner.
http://onecare.live.com/site/en-US/center/howsafe.htm?s_cid=mscom_msrt
In a nutshell: get the latest MRT.EXE from steps above. It will run upon install. Subsequently, simply manually run ad-hoc style by executing C:\Windows\System32\MRT.exe for x86 or C:\Windows\SysWOW64\MRT.exe for x64 systems.
It's as simple as that. And it will specifically take care of the Alureon amongst a wide multitude of other malware.
Please enjoy!
~~~~~~~~~~~~~~
The winner is the chef who takes the same ingredients as everyone else and produces the best results.
~ Edward de Bono
updates. It downlaods and runs without user's intervention. So easy even a cave man can do it.
Please explain. Microsoft is doing you the favor here by patching. The mess is someone creating malware and someone else getting infected. That is not Microsoft's fault unless you want them to control everyone.
The OS is never to blame. A "vulnerability" that is "exploited" is only a vulnerability because someone chooses to try to exploit it. If no one ever exploited a vulnerability, then there would be no problem. Hence, when OS designers happen to leave a seurity hole in the program, why should they have to fix it? Its the dishonest programmers and the hapless users that should be ashamed. Way to go MS. Quit sending out patches to patch "vulnerabilities" that others choose to exploit. Make the exploiters do it.
Is your iPad not connecting to the network?
"Solution: Move closer to the router".
LMAO when I read that one!
"Solution: Move closer to the router".
LMAO when I read that one!
I just dropped my ipad on the carpet from laughing. Oh crap! It broke! Not close enough to router. Disconnecting in 3..2..1..
/me cries
/me cries
Google: Results 1 - 10 of about 866,000 for mac rootkit. (0.15 seconds)
http://www.google.com/#hl=en&source=hp&q=mac+rootkit
Rootkits and Unix(like) go hand-in-hand.
Why Mac Security Matters: OS X Rootkit Hunter
23 Jan 2008 ... After blogging about the need to use and maintain an anti-virus solution for your OS X systems, an anonymous reply questioning the need to ...
theappleblog.com/.../why-mac-security-matters-os-x-rootkit-hunter/ - Cached - SimilarHow to check your Mac for Rootkits : Switching To Mac
27 Nov 2008 ... This tutorial will guide you through using OS X Rootkit Hunter to check your Mac for any rootkit related problems. ...
www.switchingtomac.com/.../how-to-check-your-mac-for-rootkits/ - Cached - SimilarOS X Rootkit Hunter 0.2 software download - Mac OS X - VersionTracker
25 Feb 2009 ... Find OS X Rootkit Hunter downloads, reviews, and updates for Mac OS X including commercial software, shareware and freeware on ...
www.versiontracker.com/dyn/moreinfo/macosx/30622 - Cached - SimilarMachiavelli Mac OS X rootkit unveiled at Black Hat
30 Jul 2009 ... Black Hat 2009: Researcher Dino Dai Zovi unveiled a Mac rootkit called Machiavelli, which uses Mach RPC calls to emulate Windows rootkit ...
searchsecurity.techtarget.com ? Home ? Security News - Cached - SimilarMac OS X rootkit surfaces ? The Register
25 Oct 2004 ... The Mac OS X malware, dubbed Opener, is a rootkit for Mac OS X machines that contains a variety of destructive functionality including a ...
www.theregister.co.uk/2004/10/25/mac_rootkit_opener/ - Cached - SimilarMac OS X gets rootkit coding manual ? The Register
20 Jul 2009 ... At a talk titled Advanced Mac OS X rootkits at the Black Hat security conference in Las Vegas next week, researcher Dino Dai Zovi plans to ...
www.theregister.co.uk/2009/07/.../advanced_mac_osx_rootkits/ - Cached - SimilarMac OS X Rootkits
13 Oct 2005 ... Other Mac OS X Rootkits are; osxrk, Togroot and WeaponX, all of which probably can stil be found at http://www.rootkit.com ...
www.oreillynet.com/cs/user/view/cs_msg/72381 - Cached - Similar
http://www.google.com/#hl=en&q=mac%20rootkit&um=1&ie=UTF-8&tbo=u&tbs=vid:1&sa=N&tab=wv&fp=467c3568f2eec009
For the iconic, GUI oriented artsy-fartsy people, a video must be worth a thousand pages? Much easier than reading command(ing) lines of text?
Let's all enjoy the educational and entertaining videos!
~~~~~~~~~~~~
The more you learn, the more you realize you didn't know. That's the downside of continuing your education. The benefits come next.
~ Unknown Source
http://www.google.com/#hl=en&source=hp&q=mac+rootkit
Rootkits and Unix(like) go hand-in-hand.
Why Mac Security Matters: OS X Rootkit Hunter
23 Jan 2008 ... After blogging about the need to use and maintain an anti-virus solution for your OS X systems, an anonymous reply questioning the need to ...
theappleblog.com/.../why-mac-security-matters-os-x-rootkit-hunter/ - Cached - SimilarHow to check your Mac for Rootkits : Switching To Mac
27 Nov 2008 ... This tutorial will guide you through using OS X Rootkit Hunter to check your Mac for any rootkit related problems. ...
www.switchingtomac.com/.../how-to-check-your-mac-for-rootkits/ - Cached - SimilarOS X Rootkit Hunter 0.2 software download - Mac OS X - VersionTracker
25 Feb 2009 ... Find OS X Rootkit Hunter downloads, reviews, and updates for Mac OS X including commercial software, shareware and freeware on ...
www.versiontracker.com/dyn/moreinfo/macosx/30622 - Cached - SimilarMachiavelli Mac OS X rootkit unveiled at Black Hat
30 Jul 2009 ... Black Hat 2009: Researcher Dino Dai Zovi unveiled a Mac rootkit called Machiavelli, which uses Mach RPC calls to emulate Windows rootkit ...
searchsecurity.techtarget.com ? Home ? Security News - Cached - SimilarMac OS X rootkit surfaces ? The Register
25 Oct 2004 ... The Mac OS X malware, dubbed Opener, is a rootkit for Mac OS X machines that contains a variety of destructive functionality including a ...
www.theregister.co.uk/2004/10/25/mac_rootkit_opener/ - Cached - SimilarMac OS X gets rootkit coding manual ? The Register
20 Jul 2009 ... At a talk titled Advanced Mac OS X rootkits at the Black Hat security conference in Las Vegas next week, researcher Dino Dai Zovi plans to ...
www.theregister.co.uk/2009/07/.../advanced_mac_osx_rootkits/ - Cached - SimilarMac OS X Rootkits
13 Oct 2005 ... Other Mac OS X Rootkits are; osxrk, Togroot and WeaponX, all of which probably can stil be found at http://www.rootkit.com ...
www.oreillynet.com/cs/user/view/cs_msg/72381 - Cached - Similar
http://www.google.com/#hl=en&q=mac%20rootkit&um=1&ie=UTF-8&tbo=u&tbs=vid:1&sa=N&tab=wv&fp=467c3568f2eec009
For the iconic, GUI oriented artsy-fartsy people, a video must be worth a thousand pages? Much easier than reading command(ing) lines of text?
Let's all enjoy the educational and entertaining videos!
~~~~~~~~~~~~
The more you learn, the more you realize you didn't know. That's the downside of continuing your education. The benefits come next.
~ Unknown Source
I just think that the truth be told. It was not just XP users, but Vista users as well. Everything I had was destroyed again but in a different sense. Last August I had my Laptop stolen in BC, Canada, and that wrecked more than a few months Grad work. This time time with Vista Ultimate, it was that "Critical Update" session when I had the "Blue Screen of Death" - I have enough sense to back my stuff up more than every six months now; every two weeks. I just wish people would start launching class action lawsuits for work/time lost costs and recoveries. Cheers all.
I was making a resonse to the ZDNet UK board and got placed here...
Maybe there is a ghost in this machine...
Maybe there is a ghost in this machine...
That Microsoft like most other software companies have in their disclaimer that they are not responsible for personal data or information added to the computer.
Also good thing that Vista and Windows 7 have wonderful automated backup programs installed that are very easy to use. I have mine set to back up every night to a USB Hard Drive.
Problems from updates can happen to any OS or program but I think you will find that when they do happen they are not as widespread as some would like to make you believe and as in this case it could be due to some third party infection or software on the machine.
Also good thing that Vista and Windows 7 have wonderful automated backup programs installed that are very easy to use. I have mine set to back up every night to a USB Hard Drive.
Problems from updates can happen to any OS or program but I think you will find that when they do happen they are not as widespread as some would like to make you believe and as in this case it could be due to some third party infection or software on the machine.
Guess it's better to be informed your system
is infected with a rootkit, and to get it
cleaned rather than attempting to install the
patches and getting BSODs!
Also, shouldn't the "headline" be that
"Microsoft patches refuse to install on
infected Windows"?
is infected with a rootkit, and to get it
cleaned rather than attempting to install the
patches and getting BSODs!
Also, shouldn't the "headline" be that
"Microsoft patches refuse to install on
infected Windows"?
Short of switching to a secure mature OS like Linux, one you claim is not user friendly —if you allow me I beg to vehemently disagree in the strongest terms— just what would you do to get rid of the mess?
I mean, you claim windows is user friendly —I disagree, strongly, if windows is friendly to anyone is malware writers— so show us a user friendly way of getting out of the mess. Will ya?
I mean, you claim windows is user friendly —I disagree, strongly, if windows is friendly to anyone is malware writers— so show us a user friendly way of getting out of the mess. Will ya?
Even worse, are you claiming Linux has a user-friendly way to get out of a rooted system?
Now you are not silly enough to claim Linux can't get infected by a rootkit? Are you?
~~~~~~~~~~
Each problem that I solved became a rule which served afterwards to solve other problems.
~ Rene Descartes
Now you are not silly enough to claim Linux can't get infected by a rootkit? Are you?
~~~~~~~~~~
Each problem that I solved became a rule which served afterwards to solve other problems.
~ Rene Descartes
Just point to cases in the wild where root kits infected desktop Linux systems, then we'll talk.
Right or wrong, you're a dipsh!t. Probably a DBA as well.
for me, DOS was "user friendly"!! By golly,
I don't remember EVER, not one single solitary
instance, of ANY DOS machine getting "rooted"!
Maybe DOS is a "mature, stable OS"!!!
However, for other members of society, lots of
DOS was not "friendly"...some can use CLI,
some can't. So, for my kids who were very
young at the time, I wrote complete menu
programs, complete with colors, "push #1 for
games" etc. Worked quite well to get them
introduced to computers.
I don't remember EVER, not one single solitary
instance, of ANY DOS machine getting "rooted"!
Maybe DOS is a "mature, stable OS"!!!
However, for other members of society, lots of
DOS was not "friendly"...some can use CLI,
some can't. So, for my kids who were very
young at the time, I wrote complete menu
programs, complete with colors, "push #1 for
games" etc. Worked quite well to get them
introduced to computers.
Wake up for the times we are in man, Linux is at the forefront of computing while you keep talking about something that does not even qualify as a true OS.
then, as I recall. Ooops! We had better stop; we are dating ourselves.
Yes, the first rootkit was in Unix! LMAO!
Google: Results 1 - 10 of about 911,000 for the first rootkit. (0.18 seconds)
http://www.google.com/#hl=en&source=hp&q=the+first+rootkit
Root Kits - UW Staff Web Server
5 Jan 2002 ... Linux Root Kit version 3 (lrk3), released in December of 1996, further added ... the first risks not getting all of the modified programs, ...
staff.washington.edu/dittrich/misc/faqs/rootkits.faq - Cached - SimilarRootkit - Wikipedia, the free encyclopedia
The first and original rootkits did not operate at the kernel level, but were simple replacements of standard programs at the user level. ...
Overview - Historical context - Common use - Types
en.wikipedia.org/wiki/Rootkit - Cached - SimilarFirst rootkit for IOS created | NetworkWorld.com Community
14 May 2008 ... So hold onto your hats now that the world has its first ever Cisco router rootkit, reports a story from IDG News Service. ...
www.networkworld.com/community/node/27807 - Cachedrootkit.com
I have just start reading book, "Rootkits ubverting the Windows Kernel", in chap 2 : where where we are building first rootkit, I am having the unexpected ...
www.rootkit.com/board.php?thread=13779&did=edge0&disp... - Cached
Results 1 - 10 of about 1,210,000 for linux rootkit. (0.20 seconds)
http://www.google.com/#hl=en&source=hp&q=linux+rootkit
Youtube is quite entertaining on this topic:
http://www.google.com/#hl=en&q=linux%20rootkit&um=1&ie=UTF-8&tbo=u&tbs=vid:1&sa=N&tab=wv&fp=467c3568f2eec009
How to Install Iroffer on Linux
http://www.youtube.com/watch?v=b9iM7XSHENI
Ubuntu: Root-Kit J?ger
http://www.youtube.com/watch?v=rzElbS7ZSaE
~~~~~~~~~~~~
He who has most fun, learns best.
~ John Cleese
Google: Results 1 - 10 of about 911,000 for the first rootkit. (0.18 seconds)
http://www.google.com/#hl=en&source=hp&q=the+first+rootkit
Root Kits - UW Staff Web Server
5 Jan 2002 ... Linux Root Kit version 3 (lrk3), released in December of 1996, further added ... the first risks not getting all of the modified programs, ...
staff.washington.edu/dittrich/misc/faqs/rootkits.faq - Cached - SimilarRootkit - Wikipedia, the free encyclopedia
The first and original rootkits did not operate at the kernel level, but were simple replacements of standard programs at the user level. ...
Overview - Historical context - Common use - Types
en.wikipedia.org/wiki/Rootkit - Cached - SimilarFirst rootkit for IOS created | NetworkWorld.com Community
14 May 2008 ... So hold onto your hats now that the world has its first ever Cisco router rootkit, reports a story from IDG News Service. ...
www.networkworld.com/community/node/27807 - Cachedrootkit.com
I have just start reading book, "Rootkits ubverting the Windows Kernel", in chap 2 : where where we are building first rootkit, I am having the unexpected ...
www.rootkit.com/board.php?thread=13779&did=edge0&disp... - Cached
Results 1 - 10 of about 1,210,000 for linux rootkit. (0.20 seconds)
http://www.google.com/#hl=en&source=hp&q=linux+rootkit
Youtube is quite entertaining on this topic:
http://www.google.com/#hl=en&q=linux%20rootkit&um=1&ie=UTF-8&tbo=u&tbs=vid:1&sa=N&tab=wv&fp=467c3568f2eec009
How to Install Iroffer on Linux
http://www.youtube.com/watch?v=b9iM7XSHENI
Ubuntu: Root-Kit J?ger
http://www.youtube.com/watch?v=rzElbS7ZSaE
~~~~~~~~~~~~
He who has most fun, learns best.
~ John Cleese
Just wait. Just leave the system (and MS'
tools) to sort it out.
Just leave the system with the defaults on and
allow the Microsoft Malicious Software Removal
Tool to do its business.
On first round the patch may fail, but your
system *will* download and run the MSRT. And it
will remove the Alureon rootkit. On the very
next attempt at patchinf (24 hrs later) you
will get the patch.
No interaction needed.
No need to make a fuss about it.
But I am curious, do you think that it is
better to let the patches go through and have
the rootkit brick the machine, leaving it in a
state where it is very hard to patch anything?
Remember, it is the rootkit which BSODs
the machine. To avoid discovery by heuristic
antivirus the rootkit has been coded to call
into code at absolute, hardcoded addresses in
the kernel. When the kernel is patched and the
addresses shift, the call hits something else,
leading to BSOD.
This is important to understand: It is not
necessarily the files being patched which are
infected. It may be something else entirely.
But patching the executable code may *still*
cause malicious code to misbehave.
What MS is doing here is proactively guarding
against bad code injected by someone else. And
they even offer tools to remove the infection.
tools) to sort it out.
Just leave the system with the defaults on and
allow the Microsoft Malicious Software Removal
Tool to do its business.
On first round the patch may fail, but your
system *will* download and run the MSRT. And it
will remove the Alureon rootkit. On the very
next attempt at patchinf (24 hrs later) you
will get the patch.
No interaction needed.
No need to make a fuss about it.
But I am curious, do you think that it is
better to let the patches go through and have
the rootkit brick the machine, leaving it in a
state where it is very hard to patch anything?
Remember, it is the rootkit which BSODs
the machine. To avoid discovery by heuristic
antivirus the rootkit has been coded to call
into code at absolute, hardcoded addresses in
the kernel. When the kernel is patched and the
addresses shift, the call hits something else,
leading to BSOD.
This is important to understand: It is not
necessarily the files being patched which are
infected. It may be something else entirely.
But patching the executable code may *still*
cause malicious code to misbehave.
What MS is doing here is proactively guarding
against bad code injected by someone else. And
they even offer tools to remove the infection.
And is the machine functional while that happens?
You can speed it up by trying to install the
patches after MSRT cleaned the rootkit out.
That way you will not wait 24 hrs.
Seeing that it is a rootkit, I would suspect
that you may have to reboot the computer after
it is cleanted.
But that's about it.
No big deal, you see. Just MS doing the
responsible thing.
patches after MSRT cleaned the rootkit out.
That way you will not wait 24 hrs.
Seeing that it is a rootkit, I would suspect
that you may have to reboot the computer after
it is cleanted.
But that's about it.
No big deal, you see. Just MS doing the
responsible thing.
that's not what GK wanted to hear! He wanted
to hear how the Windows user had to drop to
a CLI, type in archaic commands as Admin,
then do a "make anti_rootkit" and "make_install anti_rootkit", "chmod
anti_rootkit X" then "BASH anti_rootkit"...
hehehehe
Start X Great Kahuna
start x fail...no mount point "Great Kahuna"
start x fail...non boot device "Great Kahuna"
to hear how the Windows user had to drop to
a CLI, type in archaic commands as Admin,
then do a "make anti_rootkit" and "make_install anti_rootkit", "chmod
anti_rootkit X" then "BASH anti_rootkit"...
hehehehe
Start X Great Kahuna
start x fail...no mount point "Great Kahuna"
start x fail...non boot device "Great Kahuna"
Reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall
Cause that should have been his answer had he chosen to tell the truth.
Cause that should have been his answer had he chosen to tell the truth.
...honeymonster would be all over this.
As it is, his no big deal damage control here, doesn't wash.
As it is, his no big deal damage control here, doesn't wash.
yet provide absolutely no substance at all. Typical.
~~~~~~~~~~~~~
An intelligence test sometimes shows a man how smart he would have been not to have taken it.
~ Laurence J. Peter
~~~~~~~~~~~~~
An intelligence test sometimes shows a man how smart he would have been not to have taken it.
~ Laurence J. Peter
...for monopolizing 90% of the desktop market.
nt
"I mean, you claim windows is user friendly"
Where did I say this in this forum?
Where did I say this in this forum?
Didn't you know?
Edit: Oh, my bad, Google just told me that the windows mantra is: Reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall.....
Edit: Oh, my bad, Google just told me that the windows mantra is: Reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall, reinstall.....
nt
You didn't have to reinstall Linux, but then again, someone with your experience probally took this route:
Install Ubuntu: won't run. Install Debian: won't run. Install openSUSE: won't run.
Install Mint: won't run... ect,
So yeah, technically, you're not "reinstalling" Linux, which is right.
(If you're not DTS, you could be his twin brother: you're just as easy to put away as he is!)
LOL!
Install Ubuntu: won't run. Install Debian: won't run. Install openSUSE: won't run.
Install Mint: won't run... ect,
So yeah, technically, you're not "reinstalling" Linux, which is right.
(If you're not DTS, you could be his twin brother: you're just as easy to put away as he is!)
LOL!
Glad to see you finally found a cure for your ailments.
Zzzzz Zzzzz Zzzzz....
Regardless if it were Unix, Solaris, Aix, HP-UX, Red-Hat, Ubuntu, or OS X?
So this refusal to install a service pack onto your compromised (by your own fault as this is a trojan requiring a user intervention with admin rights) isn't Microsoft doing you a favor, by letting you know you've been rooted? Without crashing the rootkit, so you can salvage your data, and perform a bare-metal installation? It's the only way to be sure...
Don't ask me to prove to you other fanatics, that your OS can be rooted too. Because I will.
8D
~~~~~~~~~~~~
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
~ Rich Cook
So this refusal to install a service pack onto your compromised (by your own fault as this is a trojan requiring a user intervention with admin rights) isn't Microsoft doing you a favor, by letting you know you've been rooted? Without crashing the rootkit, so you can salvage your data, and perform a bare-metal installation? It's the only way to be sure...
Don't ask me to prove to you other fanatics, that your OS can be rooted too. Because I will.
8D
~~~~~~~~~~~~
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
~ Rich Cook
People for whom installing windows is far from being a user friendly procedure.
You see, you claim windows is user friendly now tell me: what is the percentage of windows users who find windows friendly enough so they can install windows on their own?
Tell me is that percentage higher or lower than the percentage of Ubuntu users who find Ubuntu friendly enough so they feel confident installing Ubuntu on their own?
I guess we both know the answer and it is not flattering for windows.
You see, you claim windows is user friendly now tell me: what is the percentage of windows users who find windows friendly enough so they can install windows on their own?
Tell me is that percentage higher or lower than the percentage of Ubuntu users who find Ubuntu friendly enough so they feel confident installing Ubuntu on their own?
I guess we both know the answer and it is not flattering for windows.
XP was not bad unless it could not find drivers and on modern hardware the biggest obstacle was SATA Drives. Both Vista and Windows 7 are very user friendly to install and do a hell of a job of finding and notifying the end user of what they need to do in plain english.
Ubuntu was easy too but not nearly as friendly as Windows and if you have a driver problem with Ubuntu the end user better know where to look.
Ubuntu was easy too but not nearly as friendly as Windows and if you have a driver problem with Ubuntu the end user better know where to look.
and yet it manages to find and respect all other OSes already present in the system (despite windows efforts to thwart Ubuntu) so that in the end you have a nice dual-boot system.
Also, Ubuntu does that using a generic CD not a manufacturer tuned DVD like bloated windows.
Also, Ubuntu does that using a generic CD not a manufacturer tuned DVD like bloated windows.
Gee I have never seen Windoze installed anywhere so how can Windoze have any advantage. I am not even sure Windoze exists.
Of course not. I've been told denial is a major factor in Redmond fanboy life. Nothing posted here on zdnet disproves that. Nothing at all.
but if you are referring to Microsoft Windows then yes many computers offer that as the standard OS but the part you cannot grasp is that most people actually want or prefer that as the OS and if they want one of the many flavors of Linux or a computer with MacOS they know where to go.
No they don't know where to go. The fact is Dell is the only OEM that offers Linux machines and there are only a few of them available. But you already knew all this, so don't confuse 'want' with lack of availability.
If you do not like what one OEM offers then there are many to choose from or they can go to a local computer shop and have a custom computer built.
Not everybody can afford to have a custom machine built and as I said before, Linux isn't offered pre-installed beyond a few Dells.
If you have links to a lot of those alternate choices you claim, I'd like to see them. Post them here.
I guarantee that if you bought a bare PC with no OS most people would still choose Windows.
Well fine, then you have nothing to worry about then. Let's see it happen.
Just look at the millions of custom built PCs by purchasing parts and kits are sold with Windows or how many people buy an OEM/System Builder Windows license. Look at those numbers and tell me people do NOT want Windows.
Sure, due to coercive agreements with OEMs to keep any competing systems out. Otherwise M$ will pull their volume licensing discounts. They've gotten away with this for a long, long time now.
Go spread your Linux Sob story somewhere else because what you claim that people are forced to use Windows is not even remotely true.
Yes it is, but due to your being brainwashed by what goes on behind the scenes, you fail to look beyond what Micro$oft wants you to see. That's why you're a tool.
No, you're just gonna have to put up with my sob stories, like it or not.
Of course not. I've been told denial is a major factor in Redmond fanboy life. Nothing posted here on zdnet disproves that. Nothing at all.
but if you are referring to Microsoft Windows then yes many computers offer that as the standard OS but the part you cannot grasp is that most people actually want or prefer that as the OS and if they want one of the many flavors of Linux or a computer with MacOS they know where to go.
No they don't know where to go. The fact is Dell is the only OEM that offers Linux machines and there are only a few of them available. But you already knew all this, so don't confuse 'want' with lack of availability.
If you do not like what one OEM offers then there are many to choose from or they can go to a local computer shop and have a custom computer built.
Not everybody can afford to have a custom machine built and as I said before, Linux isn't offered pre-installed beyond a few Dells.
If you have links to a lot of those alternate choices you claim, I'd like to see them. Post them here.
I guarantee that if you bought a bare PC with no OS most people would still choose Windows.
Well fine, then you have nothing to worry about then. Let's see it happen.
Just look at the millions of custom built PCs by purchasing parts and kits are sold with Windows or how many people buy an OEM/System Builder Windows license. Look at those numbers and tell me people do NOT want Windows.
Sure, due to coercive agreements with OEMs to keep any competing systems out. Otherwise M$ will pull their volume licensing discounts. They've gotten away with this for a long, long time now.
Go spread your Linux Sob story somewhere else because what you claim that people are forced to use Windows is not even remotely true.
Yes it is, but due to your being brainwashed by what goes on behind the scenes, you fail to look beyond what Micro$oft wants you to see. That's why you're a tool.
No, you're just gonna have to put up with my sob stories, like it or not.
Join the conversation!
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Vendor Showcase
Facebook Activity
