COMPUTER "TROJAN:Win32/Alureon.A"; or, The ROOTKIT MALWARE You Don't Even Know You Have.
Posted on 04/07/2010 1:22:51 AM PDT by Yosemitest
(Excerpt) Read more at microsoft.com ...
Spyware Terminator detected it, and its attempt to remove it wasn't successful.
I had to find a clean copy of "atapi.sys" and save it to my documents. Then I had to use RootRepeal and use its tools to force-wipe the infected copy of "atapi.sys" from two locations.
Registry HKLM\SYSTEM\CurrentControlSet\Services\atapi located at
After that, I copied and pasted the clean copy of "atapi.sys" into those locations and ran a full scan again.
Spyware Terminator then reported:
Process: Rootkit-2660 (Trojan Detected by ClamAV)
Then I scanned again with Spyware Terminator, and it came up clean.
Finally, I ran "Norton Ghost" and made a clean backup of my computer to an external drive.
Good luck, and I hope you don't have this Nasty RootKit.
It does not show up on my Linux box
What a project!
Sorry to say it but ,,, get a Mac.
And tell Bill Gates where to get off with his POS DOS system from the 90s that he refuses to bring into the modern world.
hoo boy, stealing your DNS gives virtual carte blanche to the haxors.
BTTT. Thanks for posting!
Which Windows. XP? Vista? 7?
Windows is not based on DOS. At least if you are going to trash Windows, get some facts. Windows hasn’t been DOS based in over a decade.
Yeah get a mac and get an OS from the 70s
And, btw, I can write a malware program that hits Macs or Linux. Why? Because most malware relies on a user clicking on “Sure! I want to install this!”. There is no stopping this breach.
The easiest way to get passwords for systems is to dumpster dive or get into offices after hours. Look under keyboards, in drawers, etc. where people write them down. Security is often not connected with the O/S but with people not taking precautions.
Basically, trashing Windows buys little. Linux is wide-open compared to z/OS. Those both are wide-open compared to a closed system that never connects to the net.
but but but mac has NEVER had a self propagating virus!! really it hasn’t. That must mean it's secure.
Mac users are clueless about the threat from malware writers. If Macs ever get a foothold, they will find out.
I started my career coding in Macs and I have never seen them gain any marketshare because they do not address business needs.
The Mac folks also do not understand computing worth a poop. Apple finally gave up the ghost and switched to Unix and hoped for the best. I have coded on MVS, Unix, and Windows. Nothing compares to Windows in ease of use, hence that is where everything is built. Unix is nice, MVS is sweet (but simple).
How hard would it be for me to write a malware app that asks a user for their username and password then https that unencrypted password out to my web service for harvesting? We can actually throw an event for every keystroke and capture the whole session easily. The mac folks think this is not possible and their O/S protects them from it when it has nothing whatsoever to do with the O/S. A user clicks Ok and their system is mine.
Which was designed from the get-go for multiple hostile users, not one friendly user.
There are still enough Macs and Linuxes that an amphibious or cross system vectoring malware could grab hold right now if it was anywhere close to as easy to get into the Macs and Linuxes as it is to get into most existing Windows installations.
Viruses are what they are but the threat isn’t there. It is in malware and a user will introduce it w/o even breaking a sweat.
Windows is secure on the latest versions but malware is the game.
“Look! A free copy of Tetris for my Mac!!!! All it does is ask me for a username and password!”
Bingo. Test the uid/password on Quicken, Wells Fargo, Chase, etc.
People get their panties in a wad over a DOS attack. The threat is monetary.
BTW, as a computer guy you should know that Windows of today is based on VMS.
My guess is that the original poster is not running a modern Windows variant or did the click and hope for the best method of implementation.
I do not buy this widespread virus spread we saw in the past (which was a problem, I agree).
“It does not show up on my Linux box”
nor mine ;-)
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.