Home Malware Programs Trojans Alureon.E

Alureon.E

Posted: December 1, 2011

Threat Metric

Threat Level: 9/10
Infected PCs: 14
First Seen: December 1, 2011
Last Seen: November 6, 2021
OS(es) Affected: Windows

Alureon.E is a Trojan from the Alureon family, a group of interconnected rootkits that seek to steal personal information that passes through your web browser (such as passwords and online banking info). Because Alureon.E and other types of Alureon rootkits use sophisticated methods to hide themselves and attack your PC, finding and deleting Alureon.E without software-based assistance is unlikely at the best of times. However, SpywareRemove.com malware researchers are glad to note that equally-advanced anti-malware scanners can remove Alureon.E and its relatives under the proper conditions. Any possibility of Alureon.E infection should be considered to be a high-priority risk for any personal information that passes through your browser, particularly financial transaction-related data.

Alureon.E: Fiddling with Windows Settings That It Has No Business Being Around

Alureon.E is just one of many Trojans and rootkits from the large Alureon subgroup, and like its relatives (such as TrojanDropper:Win32/Alureon.V, Trojan:dos/alureon.dx, Trojan:Win32/Alureon.gen!AB and Trojan:Win32/Alureon.BB), Alureon.E will hide from notice while Alureon.E carries out subversive attacks against your PC. Alureon.E's primary function is to change the Domain Name System (or DNS) settings of Windows, thus allowing Alureon.E to redirect your web browser to malicious websites or monitor private information. SpywareRemove.com malware experts note that DNS-based attacks by Alureon.E can cause:

  • Loss of confidential information such as credit card numbers, passwords, etc., which Alureon.E may snatch as soon as you try to send it through your web browser.
  • Exposure to a wide range of malicious websites. This can include phishing sites, sites that install malicious software via drive-by-download scripts or sites that promote malicious software. A particularly prominent danger is the risk of being redirected to phishing sites that look identical to safe websites whenever you try to access a popular site (such as a search engine or a bank's website).

These DNS changes take place immediately after Alureon.E is installed and may remain in place even after you remove Alureon.E with appropriate anti-malware software. In such instances, SpywareRemove.com malware experts strongly recommend that you restore your original DNS values to avoid any exposure to malicious sites that may indulge in the above attacks.

Alureon.E's Deadly but Secretive Infiltration

In spite of Alureon.E's extraordinarily-invasive attacks, Alureon.E takes care to avoid being seen. Alureon.E will launch itself automatically and may not have a visible process in Task Maanger. Alureon.E itself doesn't possess any exceptional defensive features beyond simple hiding, but SpywareRemove.com malware experts warn that other Alureon components that can be installed with Alureon.E may make other attacks that cause it to be difficult to get rid of Alureon.E. This can include blocking your anti-malware programs and redirecting your browser away from PC security sites.

Other than its DNS changes, Alureon.E has no easily-noticed symptoms. However, anti-malware programs can remove Alureon.E as long as you use Safe Mode or another method to disable the rootkit prior to scanning your PC. Alureon.E may also be detected by one of its aliases, including Trojan:Win32/Alureon.E, TROJ_SMALL.BPP, Win32/Alureon!generic, Trojan-Downloader.Win32.Agent.uj, W32/Agent.YTS, Troj/RuinDl-F, Downloader-ASI and Win32/Alureon.B.

Related Posts

Loading...