Attention: We have transitioned to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access. While the app may appear unverified, you can confirm its legitimacy by verifying the App ID provided.
Send us feedback
Thank you for your feedback
We couldn't find the malware. Try searching for the malware you’ve encountered. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
We couldn't find the malware. We’ve returned search results instead. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
This family of data-stealing trojans can give a malicious hacker access to collect confidential information stored in your PC, such as your user names, passwords, and credit card data.
They can also send malicious data to your PC and corrupt some driver files, making them unusable.
Trojan:Win32/Alureon.BP is a detection for a particular Microsoft Windows DLL file that has been modified to load a malicious library.
A file detected as Trojan:Win32/Alureon.BP is a modified MSVCRT.DLL file. This file may have been modified by another malware. The modification replaces an API (Application Programming Interface) exported by MSVCRT.DLL with a snippet of malicious code designed to load a DLL named DLL.DLL, which is possibly a dropped malicious component of the Win32/Alureon family of trojans.
Trojan:Win32/Alureon.B is a trojan that may help an attacker intercept inbound and outbound Internet traffic from the host computer. This may allow an attacker to capture confidential information such as user names, passwords, and credit card data. The trojan may also enable an attacker to transmit malicious data to the infected computer. Trojan:Win32/Alureon.B may modify DNS settings on the host computer to enable the attacker to perform malicious tasks. Therefore it may be necessary to reconfigure DNS settings after the trojan is removed from the computer.
Trojan:Win32/Alureon.E is a trojan that modifies DNS settings on the host computer. The altered DNS settings may enable an attacker to intercept inbound and outbound Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. The modified DNS settings may also enable an attacker to transmit malicious data to the infected computer. Because the trojan modifies DNS settings on the computer, it may be necessary to reconfigure those settings after the trojan is removed from the computer.
Virus:Win32/Alureon.G is a detection for system drivers infected by members of the Win32/Alureon family.
Win32/Alureon is a multi-component family of trojans involved in a broad range of subversive activities online in order to generate revenue from various sources for its controllers. Mostly, Win32/Alureon is associated with moderating affected user's activities online to the attacker's benefit. As such, the various components of this family have been used for:
redirecting affected user's browsing to sites of the attacker's choice (browser hijacking)
changing DNS settings in order to redirect users to sites of the attacker's choice without the affected user's knowledge
downloading and executing arbitrary files, including additional components and other malware
serving illegitimate advertising
installing Rogue security software
banner clicking
Win32/Alureon also utilizes advanced stealth techniques in order to hinder the detection and removal of its various components.
As some variants of this trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. Therefore it may be necessary to reconfigure DNS settings after the trojan is removed from the computer.
This virus is part of the Win32/Alureon family of data-stealing malware. They can give a malicious hacker access to steal your confidential information such as your user names, passwords, and credit card data.
They can also send malicious data to your PC and corrupt some driver files, making them unusable.
Trojan:Win32/Alureon.BF is the detection for a DLL file usually dropped along with an installation of a known fake anti-virus malware family called Trojan:Win32/FakeRean. Trojan:Win32/Alureon.BF may be used to redirect the affected machine to various preconfigured Web sites.
Trojan:Win32/Alureon.gen!W is a generic detection for a component of Win32/Alureon - a family of data-stealing trojans. These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data.
The Win32/Alureon trojan may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. Therefore it may be necessary to reconfigure DNS settings after the trojan is removed from the computer.
This threat is a dropper component of the Win32/Alureon family of trojans. It installs a driver, which is detected as Trojan:WinNT/Alureon.L, and connects to a server to send information about your PC to a malicious hacker.