Published Mar 08, 2011|Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: Virus.Win32.TDSS.e (Kaspersky) Trojan.Generic.5427294 (BitDefender) Generic.dx!vpv (McAfee)


Virus:Win32/Alureon.J is a detection for system drivers infected by members of the Win32/Alureon family.
Win32/Alureon is a multi-component family of trojans involved in a broad range of subversive activities online in order to generate revenue from various sources for its controllers. Mostly, Win32/Alureon is associated with moderating affected user's activities online to the attacker's benefit. As such, the various components of this family have been used for:
  • Modifying affected user's search results (search hijacking)
  • Redirecting affected user's browsing to sites of the attacker's choice (browser hijacking)
  • Changing Domain Name System (DNS) settings in order to redirect users to sites of the attacker's choice without the affected user's knowledge
  • Downloading and executing arbitrary files, including additional components and other malware
  • Serving illegitimate advertising
  • Installing Rogue security software
  • Clicking banners
Win32/Alureon also utilizes advanced stealth techniques in order to hinder the detection and removal of its various components.
Some variants of this trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. Therefore it may be necessary to reconfigure DNS settings after the trojan is removed from the computer.


Latest news