Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

COMPUTER " TROJAN:Win32/Alureon.A"; or, The ROOTKIT MALWARE You Don't Even Know You Have.
http://www.microsoft.com/security ^ | Updated: Dec 16, 2009 | Microsoft

Posted on 04/07/2010 1:22:51 AM PDT by Yosemitest

Microsoft MalWare Protection Center has more info.

(Excerpt) Read more at microsoft.com ...


TOPICS: Extended News; Front Page News; News/Current Events
KEYWORDS: alureona; computer; malware; microsofttax; trojan; virus
Navigation: use the links below to view more comments.
first 1-2021-4041-6061-80 ... 121-135 next last
I had a hard time getting rid of this problem.

Spyware Terminator detected it, and it's attempt to remove it wasn't successful.

I had to find a clean copy of "atapi.sys" and save it to my documents. Then I had to use RootRepeal and use its tools to force-wipe the infected copy of "atapi.sys" from two locations.

After that, I copied and pasted the clean copy of "atapi.sys" into those locations and run a full scan again.

Spyware Terminator then reported:

So, to clean this temp file out, I used CCleaner. First I changed the settings under "advanced settings" to delete ALL TEMP files, not just the ones older than 24 hours.
Then I run the cleaner. And after that, I run the registry Cleaner.

Then I scaned again with Spyware Terminator, and it came up clean.

Finally, I run Norton Ghost" and made a clean backup of my computer to an external drive.

Good luck, and I hope you don't have this Nasty RootKit.

1 posted on 04/07/2010 1:22:51 AM PDT by Yosemitest
[ Post Reply | Private Reply | View Replies]

To: Yosemitest

It does not show up on my Linux box


2 posted on 04/07/2010 1:28:53 AM PDT by taxcontrol
[ Post Reply | Private Reply | To 1 | View Replies]

To: Yosemitest

Wow

What a project!

Sorry to say it but ,,, get a Mac.

And tell Bill Gates where to get off with his POS DOS system from the 90s that he refuses to bring into the modern world.


3 posted on 04/07/2010 1:30:07 AM PDT by DontTreadOnMe2009 (So stop treading on me already!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Yosemitest

hoo boy, stealing your DNS gives virtual carte blanche to the haxors.


4 posted on 04/07/2010 1:32:49 AM PDT by HiTech RedNeck (I am in America but not of America (per bible: am in the world but not of it))
[ Post Reply | Private Reply | To 1 | View Replies]

To: Yosemitest

BTTT. Thanks for posting!


5 posted on 04/07/2010 1:34:13 AM PDT by EdReform (Oath Keepers - Guardians of the Republic - Honor your oath - Join us: www.oathkeepers.org)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Yosemitest

Which Windows. XP? Vista? 7?


6 posted on 04/07/2010 1:35:22 AM PDT by HiTech RedNeck (I am in America but not of America (per bible: am in the world but not of it))
[ Post Reply | Private Reply | To 1 | View Replies]

To: DontTreadOnMe2009

Windows is not based on DOS. At least if you are going to trash Windows, get some facts. Windows hasn’t been DOS based in over a decade.


7 posted on 04/07/2010 1:38:07 AM PDT by wireplay
[ Post Reply | Private Reply | To 3 | View Replies]

To: DontTreadOnMe2009

Yeah get a mac and get an OS from the 70s


8 posted on 04/07/2010 1:46:16 AM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: DontTreadOnMe2009

And, btw, I can write a malware program that hits Macs or Linux. Why? Because most malware relies on a user clicking on “Sure! I want to install this!”. There is no stopping this breach.

The easiest way to get passwords for systems is to dumpster dive or get into offices after hours. Look under keyboards, in drawers, etc. where people write them down. Security if often not connected with the O/S but with people not taking precautions.

Basically, trashing Windows buys little. Linux is wide-open compared to z/OS. Those both are wide-open compared to a closed system that never connects to the net.


9 posted on 04/07/2010 1:51:03 AM PDT by wireplay
[ Post Reply | Private Reply | To 3 | View Replies]

To: wireplay

but but but mac has NEVER had a self propagating virus!! really it hasn’t. That must mean its secure.


10 posted on 04/07/2010 1:53:02 AM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Yosemitest

read later


11 posted on 04/07/2010 1:53:07 AM PDT by truthguy (Good intentions are not enough!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Rammer

ping


12 posted on 04/07/2010 1:59:54 AM PDT by Rammer
[ Post Reply | Private Reply | To 1 | View Replies]

To: driftdiver

Mac users are clueless about the threat fro malware writers. If Macs ever get a foothold, they will find out.

I started my career coding in Macs and I have never seen them gain any marketshare because they do not address business needs.

The Mac folks also do not understand computing worth a poop. Apple finally gave up the ghost and switched to Unix and hoped for the best. I have coded on MVS, Unix, and Windows. Nothing compares to Windows in ease of use, hence that is where everything is built. Unix is nice, MVS is sweet (but simple).

How hard would it be for me to write a malware app that asks a user for their username and password then https that unencrypted password out to my web service for harvesting? We can actually throw an event for every keystroke and capture the whole session easily. The mac folks think this is not possible and their O/S protects them from it when it has nothing whatsoever to do with the O/S. A user clicks Ok and their system is mine.


13 posted on 04/07/2010 2:05:30 AM PDT by wireplay
[ Post Reply | Private Reply | To 10 | View Replies]

To: driftdiver

Which was designed from the get-go for multiple hostile users, not one friendly user.


14 posted on 04/07/2010 2:06:17 AM PDT by HiTech RedNeck (I am in America but not of America (per bible: am in the world but not of it))
[ Post Reply | Private Reply | To 8 | View Replies]

To: wireplay

There are still enough Macs and Linuxes that an amphibious or cross system vectoring malware could grab hold right now if it was anywhere close to as easy to get into the Macs and Linuxes as it is to get into most existing Windows installation.


15 posted on 04/07/2010 2:08:48 AM PDT by HiTech RedNeck (I am in America but not of America (per bible: am in the world but not of it))
[ Post Reply | Private Reply | To 13 | View Replies]

To: Yosemitest

bttt


16 posted on 04/07/2010 2:12:13 AM PDT by bmwcyle (Free the Navy Seals)
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck

Viruses are what they are but the threat isn’t there. It is in malware and a user will introduce it w/o even breaking a sweat.

Windows is secure on the latest versions but malware is the game.

“Look! A free copy of Tetris for my Mac!!!! All it does is ask me for a username and password!”

Bingo. Test the uid/password on Quicken, Wells Fargo, Chase, etc.

People get their panties in a wad over a DOS attack. The threat is monetary.


17 posted on 04/07/2010 2:13:17 AM PDT by wireplay
[ Post Reply | Private Reply | To 15 | View Replies]

To: HiTech RedNeck

BTW, as a computer guy you should know that Windows of today is based on VMS.

My guess is that the original poster is not running a modern Windows variant or did the click and hope for the best method of implementation.

I do not buy this widespread virus spread we saw in the past (which was a problem, I agree).


18 posted on 04/07/2010 2:17:28 AM PDT by wireplay
[ Post Reply | Private Reply | To 15 | View Replies]

To: taxcontrol

“It does not show up on my Linux box’

nor mine ;-)


19 posted on 04/07/2010 2:18:17 AM PDT by vanilla swirl (To argue witha person who has renounced the use of reason is like administering medicine to the dead)
[ Post Reply | Private Reply | To 2 | View Replies]

To: truthguy

Me too....


20 posted on 04/07/2010 2:18:51 AM PDT by Bradís Gramma (Here's a thought!! Donate to the website you are on RIGHT NOW!!)
[ Post Reply | Private Reply | To 11 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-6061-80 ... 121-135 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson