Hey,
Recently, my mother had been using our PC doing some internet browsing - she works from home and utilizes the computer for her work. Anyway, she found a site in google - Vanuatu Whitepages - she had to look up someone from Vanuatu. (This is the site I suspect the malware/virus) came from). After visiting this site (and avast not blocking any connections or doing anything) she tried visiting some of her “usual” sites. Suddenly, she could not access it. Kept coming up with “Firefox cannot find the server”. I tried both with Firefox and IE. Then, I tried with my Laptop (as i thought the site might just be down but wanted to make sure). It was working fine on my laptop. So then…I downloaded a little app that i like using called Trend Micro House Call but everytime i tried running it it kept failing to update itself. So i did some research on this…and it came up with this link:
http://community.trendmicro.com/t5/Home-and-Home-Office-Forum/HouseCall-install-failure/td-p/2163
(post number Four defines the virus/malware as Win32/Alureon.CO
This apparently hinders the effects of Windows Update. So i tried loading the Windows Update Site and it didnt work. So i tried the fix on the site and it worked!
So, if this is the virus (Win32/Alureon.CO):
A: Why did avast! do nothing to stop the connection? (webshield)
B: Stop it from changing TCP/IP Settings without my consent?
C: Why did nothing appear after a boot time scan with Avast! AND a safemode scan with HouseCall?
It makes me feel a bit weird when i find out that the antivirus software that i have used for quite a while still allows these types of things into my PC AND lets them change settings AND doesn’t detect it.
This is the listing from Microsoft about the trojan:
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Trojan%3AWin32%2FAlureon.CO&threatid=144686
Hope this helps!