Microsoft security software detects this threat.

The threat is a member of the Alureon family of data-stealing trojans. These trojans allow a malicious hacker to get confidential information such as your user names, passwords, and credit card data.

For more information on the Alureon family, see the Alureon family description and the DOS/Alureon description.

What to do now

The following free Microsoft software detects this threat:

To restore your PC, you might need to use Windows Defender Offline. See our advanced troubleshooting page for more help.

You can also ask for help from other PC users at the Microsoft virus and malware community.

If you're using Windows XP, see our Windows XP end of support page.

Threat behavior

The trojan might modify DNS settings on your PC to allow a malicious hacker to transmit data to your computer. Therefore, you might need to reconfigure DNS settings after the trojan is removed from your PC.

Alureon can also infect and corrupt certain driver files, causing them to become unusable. You may need to restore these from backup, which you can read about at our advanced troubleshooting page.


There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.


Alert level: Severe
First detected by definition: 1.131.1547.0
Latest detected by definition: 1.173.2181.0 and higher
First detected on: Aug 07, 2012
This entry was first published on: Aug 07, 2012
This entry was updated on: Dec 30, 2014

This threat is also detected as:
  • Alureon.A (Command)
  • BOO/TDss.O (Avira)
  • Rootkit.MBR.Sst (Ikarus)
  • Rootkit.MBR.Sst.C (BitDefender)