sony rootkit

http:// insight .zdnet.co.uk/0,39020415,39237277-4,00.htm

the only way to get rid of this rootkit is to build a new machine?
(apparently)

 

Working link http://insight.zdnet.co.uk/internet/security/0,39020457,39237277,00.htm

That's a bit alarmist. Yes, unless one has the rootkit to examine it is hard to tell what files have been modified or replaced.

To take the approach of 'Nuke' the system, is a bit of overkill. If that's the case them we should just 'Nuke' the system anytime it gets infected.

 

So a clean format wouldn't do it alone?

 

If you 'Nuke' the drive, as in low-level format and write a new MBR then wirte a new partion, format & clean install. The system will be clean, but I think going that route is overkill, and journalist who advocate that route are being alarmist.

 

Shadow in the article the guy that recommended killing the system entirely wasn't the journalist I don't think. I think he was a Microsoft progammer that was just being quoted as to what he thought of the thing.
I'm pretty sure...then again, I could be wrong, I'll read it over.

 

Rootkits aren't a new phenomena, they've been around for awhile. Not all rootkits are bad. The main concern here is that this is a grow trend to use rootkits to conceal the presence of a virus or spyware. The trick is knowing the diference between the good, legitimate file, and a bad one. Microsoft being as secretive as they are will make the task of identifing these bad processes more difficult. MS should publish the MD5 for every version of every file in every Windows OS that is currently in use. That would mean going back as far as Windows 3.1, yes I said 3.1.