Trojan:Win32/Alureon.gen!U is a generic detection for a component of Win32/Alureon, a family of data-stealing trojans. These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. The Win32/Alureon trojan may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. Therefore, it may be necessary to reconfigure DNS settings after the trojan is removed from the computer.
This particular component is used to subvert the user's Internet interaction by redirecting requests for particular domains, and to download or update components.
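A defender-side check for the DNS change described above, as an added example that is not part of the original entry: this PowerShell script lists the DNS servers stored in the standard Windows TCP/IP registry keys and flags any that are not on an allow-list. The `$ExpectedDns` addresses are constructed placeholders, and the function name `Get-DnsValues` is hypothetical.

```powershell
# Added example: audit DNS server settings on a Windows host after cleanup.
# $ExpectedDns is a placeholder allow-list (constructed sample values);
# replace it with the resolvers your network actually uses.
$ExpectedDns = @('192.0.2.53', '192.0.2.54')

# Standard Windows location of global and per-interface TCP/IP settings.
$base = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'

function Get-DnsValues {
    param([string]$Path, [string]$Scope)
    $props = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    # NameServer holds statically set servers, DhcpNameServer the DHCP-assigned ones.
    foreach ($name in 'NameServer', 'DhcpNameServer') {
        $raw = $props.$name
        if ([string]::IsNullOrEmpty($raw)) { continue }
        # Values are comma- or space-separated address lists.
        foreach ($ip in ($raw -split '[,\s]+' | Where-Object { $_ })) {
            [pscustomobject]@{
                Scope    = $Scope
                Value    = $name
                Server   = $ip
                Expected = $ExpectedDns -contains $ip
            }
        }
    }
}

# Collect the global setting plus one set of values per network interface.
$results = @(
    Get-DnsValues -Path $base -Scope 'Global'
    Get-ChildItem -Path "$base\Interfaces" -ErrorAction SilentlyContinue |
        ForEach-Object { Get-DnsValues -Path $_.PSPath -Scope $_.PSChildName }
)

$results | Sort-Object Expected, Scope | Format-Table -AutoSize

$unexpected = @($results | Where-Object { -not $_.Expected })
if ($unexpected.Count -gt 0) {
    Write-Warning ("{0} DNS server value(s) are not in the allow-list; reconfigure them before trusting name resolution." -f $unexpected.Count)
}
```

Run it from an elevated PowerShell prompt once the antivirus scan reports the host clean; any row with `Expected` set to `False` identifies the interface GUID and registry value to correct.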
Redirects Targeted Domains
Trojan:Win32/Alureon.gen!U may redirect the affected user's Web browser when attempts to connect to certain domains are made. These domains may vary, but we have observed the following domains being targeted in the wild:
Downloads additional files
Trojan:Win32/Alureon.gen!U may contact the following domains/IPs to download additional files:
For more information, please refer to the Win32/Alureon family description elsewhere in the encyclopedia.
Analysis by Marian Radu
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).