We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:Win32/Alureon.gen!AB
Aliases: W32/Alureon.AMG (Norman) Trojan.Win32.Alureon (Ikarus)
Summary
Trojan:Win32/Alureon.gen!AB is the generic detection for a member of the Win32/Alureon family. It drops another malware, tries to delete the Hosts file, and tries to create a virtual file system (VFS). It may also connect to certain servers.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
- Microsoft Security Essentials
- Microsoft Safety Scanner
- Microsoft Windows Malicious Software Removal Tool
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
Additional remediation instructions for Trojan:Win32/Alureon.gen!AB
This threat may make lasting changes to a computer's configuration that are NOT restored by detecting and removing this threat. For more information on returning an infected computer to its pre-infected state, please see the following article/s:
- Recreating a clean Hosts file: http://support.microsoft.com/kb/972034
- Using the system's recovery options:
- For Windows XP: Installing and using the Recovery Console in Windows XP
- For Windows Vista: System Recovery Options in Windows Vista
- For Windows 7: System Recovery Options in Windows 7
- For other support and help related articles, go to:
- Windows 7: http://support.microsoft.com/gp/windows7
- Windows Vista: http://support.microsoft.com/ph/11732
- Windows XP: http://support.microsoft.com/ph/1173
- Microsoft Security TechNet Center: http://technet.microsoft.com/security/default.aspx