Slashdot Mirror


Rootkit May Be Behind Windows Blue Screen

L3sPau1 writes "A rootkit infection may be the cause of a Windows Blue Screen of Death issue experienced by Windows XP users who applied the latest round of Microsoft patches. It appears that the affected Windows PCs had the rootkit infection prior to deploying the Microsoft patches. Researcher Patrick W. Barnes, investigating the issue, has isolated the infection to the Windows atapi.sys file, a driver used by Windows to connect hard drives and other components. Barnes identified the infection as the Tdss-rootkit, which surfaced last November and has been spreading quickly, creating zombie machines for botnet activity."

2 of 323 comments

  1. Sounds like a good thing by Anonymous Coward · Score: 5, Insightful

    That's one way of forcing users to take care of an infection.

  2. Re:Ah, well, that lets Microsoft off the hook then by Com2Kid · Score: 5, Insightful

    After all, there's no way that their malware tool could have spotted it

    If a system has been rooted, nothing short of booting to another OS from a known clean media, mounting the disk read only, and scanning, is guaranteed to detect a root kit.

    That'd make updates a real pain in the arse to install...
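
The offline check described in the comment above, as an added example that is not part of the original thread: hash the driver files on a volume mounted read-only from clean boot media and compare them with a manifest built from a known-good copy. The directory layout, function names and sample file contents are assumptions constructed for the demo.

```python
import hashlib
import tempfile
from pathlib import Path

DRIVERS = "WINDOWS/system32/drivers"  # assumed XP layout on the mounted volume

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def manifest(root, rel_dir=DRIVERS):
    """Map lower-cased relative path -> SHA-256 for each .sys file under root/rel_dir."""
    root = Path(root)
    return {p.relative_to(root).as_posix().lower(): sha256_file(p)
            for p in (root / rel_dir).rglob("*")
            if p.is_file() and p.suffix.lower() == ".sys"}

def compare(suspect_root, baseline, rel_dir=DRIVERS):
    """Compare an offline, read-only mounted volume against a known-good manifest."""
    found = manifest(suspect_root, rel_dir)
    return {
        "modified": sorted(k for k in found if k in baseline and found[k] != baseline[k]),
        "unexpected": sorted(k for k in found if k not in baseline),
        "missing": sorted(k for k in baseline if k not in found),
    }

def demo():
    """Constructed sample trees: a clean reference and a suspect disk."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, suspect = Path(tmp, "clean"), Path(tmp, "suspect")
        for root in (clean, suspect):
            (root / DRIVERS).mkdir(parents=True)
        (clean / DRIVERS / "atapi.sys").write_bytes(b"constructed clean driver bytes")
        (clean / DRIVERS / "disk.sys").write_bytes(b"constructed disk driver bytes")
        # Suspect copy: atapi.sys differs (and differs in case), one extra driver appears.
        (suspect / DRIVERS / "ATAPI.SYS").write_bytes(b"constructed altered driver bytes")
        (suspect / DRIVERS / "disk.sys").write_bytes(b"constructed disk driver bytes")
        (suspect / DRIVERS / "extra.sys").write_bytes(b"constructed unknown driver")
        return compare(suspect, manifest(clean))

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

A mismatch only means the file differs from the baseline, so the baseline has to come from a trusted copy at the same patch level; a legitimately updated driver will also show up as modified.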