Trojan:Win32/Alureon.EP is component of Win32/Alureon - a family of data-stealing trojans. Trojan:Win32/Alureon.EP is the detection for a component that drops and loads a driver component.

Trojan:Win32/Alureon.BH is a component of Win32/Alureon - a family of data-stealing trojans. These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. The Win32/Alureon trojan may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. As a result, it may be necessary to reconfigure DNS settings after Win32/Alureon is removed from the computer.

Trojan:Win32/Alureon.BF is the detection for a DLL file usually dropped along with an installation of a known fake anti-virus malware family called Trojan:Win32/FakeRean. Trojan:Win32/Alureon.BF may be used to redirect the affected machine to various preconfigured Web sites.

Trojan:Win32/Alureon.BD is a component of Win32/Aureon - a family of data-stealing trojans. These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. The Win32/Alureon trojan may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. As a result, it may be necessary to reconfigure DNS settings after Win32/Alureon is removed from the computer.

 

This component intercepts system API functions to redirect DNS queries.

Trojan:Win32/Alureon.BB is a detection for a trojanized version of the system file advapi32.dll. It is modified by a component of the Win32/Alureon family to run other components.

Trojan:Win32/Alureon.AS is a component of the Trojan:Win32/Alureon family that may change stored DNS server information on the host computer.

Trojan:Win32/Alureon.BE is a trojan that may send system information to a remote address. Its detection may be hindered by a rootkit component, which may be detected as Trojan:WinNT/Alureon.D.

 

The Alureon family is also known to change a system's DNS settings. The Domain Name System (DNS) is used (among other things) to map domain names to IP addresses - that is, to map human-readable domain names to machine-readable IP addresses. When a user attempts to visit a particular URL, a browser will use DNS servers to find the correct IP address of the requested domain. When a user is directed to a malicious server that is not part of the authoritative Domain Name System, an attacker can provide incorrect IP addresses at their choice to map to particular domain names, thus directing the user to possibly bogus or malicious sites without the affected user's knowledge.

 

For more information refer to the description for the Win32/Alureon family.

Trojan:Win32/Alureon.A is a data-stealing trojan. This trojan allows an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. Trojan:Win32/Alureon.A may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. Therefore it may be necessary to reconfigure DNS settings after Trojan:Win32/Alureon.A is removed from the computer.

Trojan:Win32/Alureon.gen!B is generic detection for a trojan that may help an attacker intercept inbound and outbound Internet traffic from the host computer. This may allow an attacker to capture confidential information such as user names, passwords, and credit card data. The trojan may also enable an attacker to transmit malicious data to the infected computer. Trojan:Win32/Alureon.gen!B may modify DNS settings on the host computer to enable the attacker to perform malicious tasks. Therefore it may be necessary to reconfigure DNS settings after the trojan is removed from the computer.

TrojanDropper:Win32/Alureon.V is a detection for malware that drops and launches other malware.

Trojan:Win32/Alureon.EC is a component of Win32/Alureon - a family of data-stealing trojans. These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. The Win32/Alureon trojan may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. As a result, it may be necessary to reconfigure DNS settings after Win32/Alureon is removed from the computer.

Windows Defender Antivirus detects and removes this threat. 

This threat is a dropper component of the Win32/Alureon family of trojans. It installs a driver, which is detected as Trojan:WinNT/Alureon.L, and connects to a server to send information about your PC to a malicious hacker.

Trojan:Win32/Alureon.TK is a variant of the Win32/Alureon family that may attempt to embed HTML code into webpages visited by the the user or redirect the browser to certain websites.

Trojan:Win32/Alureon.EZ is a variant of Win32/Alureon, a family of multi-component trojans capable of controlling an infected system's local network and internet access. It can execute in 64-bit systems and uses exploit code to install its components.

This variant also uses advanced stealth techniques, like modifing the Master Boot Record (MBR), to hinder the detection and removal of its various components.

Trojan:Win32/Alureon.FL is a component of Win32/Alureon - a family of data-stealing trojans. These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. The Win32/Alureon trojan may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. As a result, it may be necessary to reconfigure DNS settings after Win32/Alureon is removed from the computer.

Windows Defender Antivirus detects and removes this threat.

 

Trojan:Win32/Alureon.GC is a member of Win32/Alureon - a family of data-stealing trojans.

Virus:Win32/Alureon.gen!A is a component of Win32/Alureon - a family of data-stealing malware. Alureon allows an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. Win32/Alureon may also allow an attacker to transmit malicious data to your computer.
 
This threat can make it difficult for you to download, install or update your virus protection, whether you have an antivirus product such as Microsoft Security Essentials installed on your computer or not.

If you suspect you have been infected with this threat, we recommend using Windows Defender Offline to detect and remove it; please see detailed instructions on how to use Windows Defender Offline below.

Virus:Win32/Alureon.gen!C is a component of Win32/Alureon - a family of data-stealing malware. Alureon allows an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. Win32/Alureon may also allow an attacker to transmit malicious data to your computer.
 
This threat can make it difficult for you to download, install or update your virus protection, whether you have an antivirus product such as Microsoft Security Essentials installed on your computer or not.

If you suspect you have been infected with this threat, we recommend using Windows Defender Offline to detect and remove it; please see detailed instructions on how to use Windows Defender Offline below.