Trojan:Win32/Alureon.EQ
Trojan:WinNT/Alureon.L
Trojan:Win32/Alureon!inf
Trojan:Win32/Alureon.CO
Trojan:DOS/Alureon.M
Windows Defender detects and removes this threat.
The threat is a member of the Alureon family of data-stealing trojans. These trojans allow a malicious hacker to get confidential information such as your user names, passwords, and credit card data.
For more information on the Alureon family, see the Alureon family description and the DOS/Alureon description.
Trojan:DOS/Alureon.J
Windows Defender detects and removes this threat.
The threat is a member of the Alureon family of data-stealing trojans. These trojans allow a malicious hacker to get confidential information such as your user names, passwords, and credit card data.
For more information on the Alureon family, see the Alureon family description and the DOS/Alureon description.
Trojan:Win32/Alureon.gen!AD
Trojan:Win32/Alureon.gen!AD is the generic detection for variants of the Win32/Alureon family. This malware can execute in 64-bit versions of Windows and uses exploits to install other Alureon components. It communicates with a remote server to report its installation and to download updates of the malware. This variant uses advanced stealth techniques such as modifying the Master Boot Record (MBR) to hinder detection and removal of its various components.
Virus:Win32/Alureon.A
Microsoft security software detects this threat.
This threat can send malicious data to your PC and corrupt some driver files, making them unusable..
See the Win32/Alureon family description for more information.
Virus:Win64/Alureon.gen!B
Microsoft security software detects this threat.
This virus is a part of the Win64/Alureon family of data-stealing malware. They can give a malicious hacker access to your personal information, such as your user names, passwords, and credit card data.
Trojan:DOS/Alureon.K
Windows Defender detects this threat.
The threat is a member of the Alureon family of data-stealing trojans. These trojans allow a malicious hacker to get confidential information such as your user names, passwords, and credit card data.
For more information on the Alureon family, see the Alureon family description and the DOS/Alureon description.
Trojan:DOS/Alureon.A
Windows Defender detects and removes this threat.
This threat is part of the Alureon malware family. It runs a file installed by other Alureon malware.
Trojan:Win32/Alureon.FK
Trojan:Win32/Alureon.FK is a component of Win32/Alureon - a family of data-stealing trojans. These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. The Win32/Alureon trojan may also allow an attacker to transmit malicious data to the infected computer.
The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. As a result, it may be necessary to reconfigure DNS settings after Win32/Alureon is removed from the computer.
Restoring DNS Settings
The Domain Name System (DNS) is used (among other things) to map domain names to IP addresses - that is, to map human-readable domain names to machine-readable IP addresses. When a user attempts to visit a particular URL, a browser will use DNS servers to find the correct IP address of the requested domain. When a user is directed to a malicious server that is not part of the authoritative Domain Name System, an attacker can provide incorrect IP addresses at their choice to map to particular domain names, thus directing the user to possibly bogus or malicious sites without the affected user's knowledge.
Win32/Alureon may modify DNS settings on the host computer, thus the following steps may be required after the Win32/Alureon removal is complete:
- If the computer has a network interface that does not receive a configuration using DHCP, reset the DNS configuration if necessary. For information on configuring TCP/IP to use DNS in Windows XP, see http://support.microsoft.com/kb/305553
- If a dial-up connection is sometimes used from the computer, reconfigure the dial-up settings in the rasphone.pbk file as necessary, as Win32/Alureon may set the fields "IpDnsAddress" and "IpDns2Address" in the rasphone.pbk file to the attacker's address. The Microsoft scanner code that automatically removes Win32/Alureon backs up the infected dial-up configuration file to:
%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Connections\Pbk\rasphone.pbk.bak
Trojan:Win32/Alureon.GQ
Windows Defender detects and removes this threat.
Trojan:Win32/Alureon.GQ is a member of the Win32/Alureon family of malware - a family of data-stealing malware. These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information from your computer, such as user names, passwords, and credit card data.
The trojan is also used to generate traffic to specific URLs.
Win32/Alureon can also allow an attacker to transmit malicious data to your computer. It might modify DNS settings on your computer to enable the attacker to perform these tasks.
The Domain Name System (DNS) is used (among other things) to map domain names to IP addresses - that is, to map human-readable domain names to machine-readable IP addresses. When you attempt to visit a particular URL, a browser uses DNS servers to find the correct IP address of the requested domain. When you are directed to a malicious server that is not part of the authoritative Domain Name System, an attacker can provide incorrect IP addresses at their choice to map to particular domain names, thus directing you to possibly bogus or malicious sites without your knowledge.
You might need to reconfigure DNS settings after the trojan is removed from your computer. See the "What to do now" section below for advice on how to do this.
Trojan:DOS/Alureon.AB
Windows Defender detects and removes this threat.
Trojan:DOS/Alureon.AB is a part of Win32/Alureon - a family of data-stealing malware. Alureon steals confidential information from your computer, such as user names, passwords, and credit card data. Win32/Alureon may also allow an attacker to transmit malicious data to your computer.
This particular variant infects the Master Boot Record (MBR).
Trojan:Win32/Alureon.gen!AB
Trojan:Win32/Alureon.gen!AB is the generic detection for a member of the Win32/Alureon family. It drops another malware, tries to delete the Hosts file, and tries to create a virtual file system (VFS). It may also connect to certain servers.
Trojan:Win32/Alureon.GI
Trojan:Win32/Alureon.GJ
Trojan:Win32/Alureon.GK
Trojan:Win32/Alureon.GL
Virus:Win32/Alureon.gen!D
Windows Defender detects and removes this threat.
This virus is a component of Win32/Alureon - a family of data-stealing malware. They allow a hacker to collect confidential information such as your user names, passwords, and credit card data.