
Win32:Aluroot-B [Rtk]

Posted: February 1, 2012

Threat Metric

Ranking: 9,590
Threat Level: 1/10
Infected PCs: 939
First Seen: February 1, 2012
Last Seen: October 16, 2023
OS(es) Affected: Windows

Win32:Aluroot-B [Rtk] is a dangerous rootkit-type Trojan that can remain in the restore points generated for emergency PC system recovery. In defense of applications that do not scan restore point areas, it should be stressed that a malware threat cannot run while it sits in a restore point, which is an idle zone as long as it is not used to restore the PC system after a crash. Win32:Aluroot-B [Rtk] installs itself directly into the PC's system drivers area, so it could be characterized as a fake system drive. Its payload performs numerous tasks, including annoying Google redirects, keylogging and others. Win32:Aluroot-B [Rtk] tries to remain on the targeted computer system by pretending to be system drives. Get rid of Win32:Aluroot-B [Rtk] before it destroys your machine.

Aliases

Generic.grp!fe [McAfee]
Generic Trojan [Panda]
Crypt.ANVH [AVG]
Trojan/Win32.Genome.gen [Antiy-AVL]
Win32/FakeAV.USJ [eTrust-Vet]
Generic.dx!bcsz [McAfee-GW-Edition]
TR/Offend.kdv.511605.1 [AntiVir]
TrojWare.Win32.Aluroot.clb [Comodo]
Trojan.Generic.KDV.511605 [BitDefender]
Win32/Sirefef.DA [NOD32]
Artemis!4877E486033C [McAfee]
TR/Aluroot.BA [AntiVir]
ZeroAccess.an [McAfee]
BackDoor.Generic14.COMW [AVG]
Artemis!D8AA40C35B07 [McAfee]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: %System%\RANDOM CHARACTERS.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Registry Modifications

The following Registry values were newly produced:

HKEY..\..\..\..{Subkeys}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RANDOM KEYS