Alureon Rootkit causes 'Restart issues after installing MS10-015' Microsoft

Microsoft posted an update on an ongoing investigation into the “blue screen” issues affecting a limited number of customers who installed MS10-015 “February 10th, we became aware of reports regarding Windows XP SP2 and SP3 systems becoming unable to restart successfully after the installation of MS10-015 – Our investigation has concluded that the reboot occurs […]

Microsoft posted an update on an ongoing investigation into the “blue screen” issues affecting a limited number of customers who installed MS10-015 “February 10th, we became aware of reports regarding Windows XP SP2 and SP3 systems becoming unable to restart successfully after the installation of MS10-015 – Our investigation has concluded that the reboot occurs because the system is infected with malware “Alureon rootkit”. We were able to reach this conclusion after the comprehensive analysis of memory dumps obtained from multiple customer machines and extensive testing against third party applications and software. The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state. Customers interested in additional technical details of what the Windows Kernel is can learn more here.” “A malware compromise of this type is serious, and if customers cannot confirm removal of Alureon rootkit using their anti-virus/anti-malware software, most secure recommendation is that owner of the system to back up important files and completely restore the system from a cleanly formatted disk,” MSRC.