TDSS/Alureon

Talk about Rootkits - what they are, how they work, etc.


Re: TDSS/Alureon

Postby virtu » Sat Aug 21, 2010 5:56 am

I saw HIPS tests on 64-bit that weren't quite as perfect as on 32-bit... maybe there were only incompatibilities in software and OS!
A fool with an antivirus tool is still a fool.
If you can't convince them, confuse them.
The last thing I want to do is insult you. But it IS on the list.
virtu
Master Contributor
 
Posts: 2605
Joined: Sat Dec 27, 2008 4:37 am
Location: Earth...maybe
Has thanked: 5 times
Have thanks: 25 times
OS: Windows 7 Home
Architecture: 32bit


Re: TDSS/Alureon

Postby Dieselman » Sat Aug 21, 2010 5:59 am

Possibly, but I have never heard anything whatsoever. CIS and KIS work great on a 64-bit OS.
Dieselman
 

Re: TDSS/Alureon

Postby mdfareez » Sat Aug 21, 2010 5:07 pm

It was just going to be a matter of time, before malware writers cracked those 64-bit systems. Just another lesson, that we're never a hundred percent protected. Adapt, or lose out.
rM Forum Rules
Humans have stopped living their real lives to start living their virtual lives. That's our sad reality.
mdfareez
Veteran Contributor
 
Posts: 1745
Joined: Wed Aug 19, 2009 10:00 pm
Has thanked: 0 time
Have thanks: 5 times

Re: TDSS/Alureon

Postby FieryDemon » Sat Aug 21, 2010 6:42 pm

Here is the link. It is a thread dedicated to TDSS research.

http://www.kernelmode.info/forum/viewto ... &start=330
Real-time protection: Avira, Comodo Firewall and D+, Malwarebytes Pro
Anti-keylogging: KeyScrambler
OS: Vista 32-bit
FieryDemon
Regular Contributor
 
Posts: 567
Joined: Tue Feb 09, 2010 1:16 pm
Has thanked: 0 time
Have thanks: 3 times

Re: TDSS/Alureon

Postby Hedgehog » Sun Aug 22, 2010 3:13 am

Only time will tell how effective this variant of TDSS would be on 64-bit systems. I can draw a parallel between Sandboxie and this variant, i.e. Sandboxie is also compatible with x64 systems but cannot exactly do what it can on x86. Maybe this also applies to this variant; maybe it wouldn't be as stealthy and difficult to clean up on x64 systems as it is on x86 ones?
OS = Windows 7 HP 64 Bit
Real-Time Protection = KAV 2011 W/max Heuristics,Threatfire level 4
On-Demand = MBAM & HMP
Keylogger Protection = KeyScrambler Personal
Browsers = IE 8 with SmartScreen enabled+SpywareBlaster,Firefox W/WOT+NS+ABP
Hedgehog
Junior Contributor
 
Posts: 60
Joined: Sun May 30, 2010 3:38 am
Has thanked: 0 time
Have thanks: 0 time

Re: TDSS/Alureon

Postby FieryDemon » Tue Aug 24, 2010 11:29 am

For those not following the thread, it has been confirmed that the TDSS rootkit is fully compatible with 64-bit Windows.

Perhaps it is time to get GMER, ComboFix and other tools to be 64-bit compatible, as once there is an example of how to bypass a 64-bit system... there will be more to come.
Real-time protection: Avira, Comodo Firewall and D+, Malwarebytes Pro
Anti-keylogging: KeyScrambler
OS: Vista 32-bit
FieryDemon
Regular Contributor
 
Posts: 567
Joined: Tue Feb 09, 2010 1:16 pm
Has thanked: 0 time
Have thanks: 3 times

Re: TDSS/Alureon

Postby ALookingInView » Tue Aug 24, 2010 11:56 am

Is this 64-bit Alureon already ITW or is it only a PoC?

Edit: Never mind. A silly question I'm sure I already know the answer to.
Microsoft Windows 7 Armor Premium /  Microsoft Security Essentials 2.0 Beta  /  Sandboxie 3.48
Common Sense 2011 Pro  /  ShadowProtect Desktop Edition 4.0.2

rM Rules
ALookingInView
Senior Contributor
 
Posts: 842
Joined: Wed Dec 16, 2009 1:54 pm
Has thanked: 0 time
Have thanks: 1 time

Re: TDSS/Alureon

Postby Hedgehog » Tue Aug 24, 2010 12:44 pm

@FieryDemon, I have been following the thread closely. I only made a speculation about the issue, since Sandboxie is also said to be fully compatible with x64 systems but isn't as powerful as it is on x86 ones, so it is only a speculation; I am not insisting it would happen so.
OS = Windows 7 HP 64 Bit
Real-Time Protection = KAV 2011 W/max Heuristics,Threatfire level 4
On-Demand = MBAM & HMP
Keylogger Protection = KeyScrambler Personal
Browsers = IE 8 with SmartScreen enabled+SpywareBlaster,Firefox W/WOT+NS+ABP
Hedgehog
Junior Contributor
 
Posts: 60
Joined: Sun May 30, 2010 3:38 am
Has thanked: 0 time
Have thanks: 0 time

Re: TDSS/Alureon

Postby sss20 » Tue Aug 24, 2010 1:00 pm

Well, we all knew this would happen sooner or later... And now that we have a 64-bit rootkit, what will we do? ... Well, like we did with 32-bit OS, we will have common sense when using the PC and use a solid security protection.

In my book, 64-bit wasn't superior to 32-bit for the extra protection... but for the extra performance that it brings... :roll:
sss20
Master Contributor
 
Posts: 3358
Joined: Thu Jul 30, 2009 6:43 am
Has thanked: 132 times
Have thanks: 151 times
OS: Windows 7 Professional
Architecture: 64bit

Re: TDSS/Alureon

Postby Dieselman » Tue Aug 24, 2010 1:06 pm

+1 on that account. Hence why my XPS came with a 64-bit OS and 4 gigs of RAM.
Dieselman
 
