Follow:

 

Virus:Win32/Alureon.gen!A


Virus:Win32/Alureon.gen!A is a component of Win32/Alureon - a family of data-stealing malware. Alureon allows an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. Win32/Alureon may also allow an attacker to transmit malicious data to your computer.
 
This threat can make it difficult for you to download, install or update your virus protection, whether you have an antivirus product such as Microsoft Security Essentials installed on your computer or not.

If you suspect you have been infected with this threat, we recommend using Windows Defender Offline to detect and remove it; please see detailed instructions on how to use Windows Defender Offline below.



What to do now

This threat can make it difficult for you to download, install or update your virus protection, whether you have an antivirus product such as Microsoft Security Essentials installed on your computer or not.

If you suspect you have been infected with this threat, we recommend using Windows Defender Offline to detect and remove it.

Windows Defender Offline is a standalone tool that contains the latest antivirus updates from Microsoft.

It is not a replacement for a full antivirus solution that provides ongoing protection. It is meant to be used in situations where you cannot start or scan your computer because it is infected with malware that prevents antivirus products from working normally.

Before you begin you will need:

  • A computer that is not infected and is connected to the Internet. You will use this computer to download a copy of Windows Defender Offline
  • A blank CD, DVD or USB drive (also known as a USB key or thumb drive). You will use this CD, DVD or USB drive to run the tool on your infected computer

Follow these steps to use Windows Defender Offline:

  1. Use an uninfected computer to download a copy of the tool from here: Windows Defender Offline.

    In order for the recovery tool to be effective, make sure you download the version that matches the your infected computer. For example, your desktop computer has been infected with malware. The computer is running a 64-bit version of Windows. Your friend's laptop, however, is not infected, and so you use that to download Windows Defender Offline. Your friend's laptop is running a 32-bit version of Windows, so when you download the tool, you choose the 64-bit version, because that is the version that matches your computer.

  2. Install the tool on a blank CD, DVD, or USB drive
  3. Insert the CD, DVD, or USB drive into your infected computer and run the tool
  4. Let the tool clean your computer and remove any infections it finds

After running the tool, ensure that your antivirus product is up-to-date. You can update Microsoft security products by downloading the latest definitions at this link: Get the latest definitions. You can Use the Microsoft Safety Scanner if you suspect you are infected but are unable to confirm this with your existing antivirus software.

For detailed instructions on using Windows Defender Offline, see the Microsoft Security Blog post "Microsoft's Free Security Tools - Windows Defender Offline".

To detect and remove other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this, and other threats:

Threat behavior

Virus:Win32/Alureon.gen!A is a component of Win32/Alureon - a family of data-stealing malware. Alureon allows an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. Win32/Alureon may also allow an attacker to transmit malicious data to your computer.

For more information on Alureon, see the Alureon family description.


Alert level: Severe
First detected by definition: 1.155.480.0
Latest detected by definition: 1.173.2181.0 and higher
First detected on: Jul 22, 2013
This entry was first published on: Jul 22, 2013
This entry was updated on: Jul 23, 2013

This threat is also detected as:
No known aliases