->    
   ->   
   http://www.infoworld.com/d/security/rootkit-infection-requires-windows-reinstal   
   -> l-says-microsoft-398   
   ->    
   -> A new variant of a Trojan Microsoft calls "Popureb" digs so deeply into   
   the   
   -> system that the only way to eradicate it is to return Windows to its   
   -> out-of-the-box configuration, Chun Feng, an engineer with the Microsoft   
   Malware   
   -> Protection Center   
   ->    
   -> Details:   
   ->   
   http://blogs.technet.com/b/mmpc/archive/2011/06/22/don-t-write-it-read-it-inste   
   -> ad.aspx   
      
   going by the details in your "details" link, that part about returning   
   windows to it's out-of-the-box configuration seems like a bit of an   
   exaggeration/misinterpretation. you need to use the windows recovery   
   console to restore the MBR. that's good advice for any current malware that   
   happens to affect the MBR.   
      
   what seems to be notable about this particular piece of malware is not that   
   it gets in the MBR but that it protect itself once there - but only so far   
   as any piece of malware can. it can't protect itself when it's not active,   
   that's why use of the recovery console is required.   
   --- Platinum Xpress/Win/WINServer v3.0pr5   
    * Origin: Since 1991 And Were Still Here! DOCSPLACE.TZO.COM (1:123/140)