Alureon Rootkit Returns to Windows PCs

The Microsoft Malware Prevention Center (MMPC) states that in May 2010 the Malicious Software Removal Tool (MSRT) removed the latest variant of the Alureon rootkit from, reportedly, almost 360,000 Windows systems since its launch on May 11, 2010.

This accounts for almost 18.2% of total detections by MSRT for May 2010, more than twice the 8.3% that Alureon accounted for in April 2010. During April 2010, MSRT cleaned the rootkit from almost 260,000 Windows computers.

Further details of the MMPC report indicate that Virus:Win32/Alureon.A contaminated 47,310 computers, Virus:Win32/Alureon.B infected 5,546 PCs, Virus:Win32/Alureon.F affected 20,717 machines, Virus:Win32/Alureon.G infected 50,581 computers, and Virus:Win32/Alureon.H contaminated 155,394 machines. Apart from this, Alureon trojans and droppers accounted for 81,521 of the total infections that MMPC compiled in its May report.

Joe Johnson from the MMPC said that the latest .H variant of this rootkit is the most important as far as pervasiveness is concerned. The rootkit's design was changed in many ways to help it escape detection and removal, implying that Alureon is still being developed and circulated. One of the crucial changes noticed was that it now targets random system drivers rather than only the hooked miniport drivers. As a result, the infection can have negative effects on the system depending on the driver selected, according to news published by softpedia.com on May 24, 2010.

For instance, MMPC said that it has seen some systems with disabled keyboards because of the infection. On other systems, Windows XP suddenly asks for reactivation because the infection looks like a significant hardware change.

The other notable finding in the MMPC report is that almost 65% (two-thirds) of the computers infected with Alureon in May 2010 were running Service Pack 3 (SP3) of Windows XP, and the second spot was held by Windows XP SP2 (14%). Microsoft says that just 3.5% of the systems infected with the rootkit were found running Windows 7, according to news published by computerworld.com on May 24, 2010.

Unfortunate news regarding Alureon has been circulating for quite some time now. During February 2010, Alureon was held responsible for damaging Windows XP PCs with the infamous Blue Screen of Death (BSOD).


» SPAMfighter News - 6/3/2010
