Trojan:Win32/Alureon.EP
Posted: October 1, 2012
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 16 |
| First Seen: | October 1, 2012 |
| OS(es) Affected: | Windows |
Trojan:Win32/Alureon.EP is a Trojan dropper that's used to install and launch a secondary component of a multicomponent Alureon infection. Alureon attacks use code injection techniques to hide themselves while they steal confidential information by monitoring your Internet traffic. Because there aren't any meaningful symptoms in a Trojan:Win32/Alureon.EP attack (besides very minor changes to the resource usage of preexisting system processes, like svchost.exe), the SpywareRemove.com malware research team recommends using anti-malware products to detect Trojan:Win32/Alureon.EP and the other Alureon-based Trojans that are certain to be found with Trojan:Win32/Alureon.EP. Inadequate anti-malware defenses against Trojan:Win32/Alureon.EP, or failure to delete Trojan:Win32/Alureon.EP and its kin quickly enough, can result in the loss of incredibly sensitive information, including banking data and website account passwords.
Trojan:Win32/Alureon.EP – the Smooth Operator for a Spy in Your Machine
Trojan:Win32/Alureon.EP is one of many PC threats that can be included in any particular Alureon attack. Various components are responsible for installing other Alureon Trojans, changing your system settings or monitoring your web-browsing history, for example. If Trojan:Win32/Alureon.EP were to be seen only by itself, Trojan:Win32/Alureon.EP could be considered a minor danger, but since Trojan:Win32/Alureon.EP's entire purpose involves installing and loading other Alureon-related Trojans, Trojan:Win32/Alureon.EP would be considered just part of a very large security hazard for your PC.
After Trojan:Win32/Alureon.EP's installation, Trojan:Win32/Alureon.EP proceeds to attack your computer according to the following strategy, as noted by SpywareRemove.com malware analysts:
- Trojan:Win32/Alureon.EP places a second file (also detected as Trojan:Win32/Alureon.EP) in your system folder.
- Registry entries are created to allow the second copy of Trojan:Win32/Alureon.EP to run automatically, while the first copy of Trojan:Win32/Alureon.EP is deleted to avoid detection.
- The second Trojan:Win32/Alureon.EP exploits code-injection techniques to launch a malicious driver file from within the process spoolsv.exe and loads this driver (identified as Trojan:WinNT/Alureon.S). This driver performs additional code-injection attacks of its own that are used to launch other Alureon components, as well as taking steps to protect these components by redirecting access requests to the original (AKA, uninfected) files.
As a consequence, detection of Trojan:Win32/Alureon.EP and other Alureon Trojans can be difficult for all but highly-advanced anti-malware software.
What It Boils Down to When Trojan:Win32/Alureon.EP Has Its Way with Your System Files
Trojan:Win32/Alureon.EP attacks can, ultimately, result in very significant compromises to your PC's ability to keep information transactions private – including both uploads and downloads. Attacks may inject malicious content (phishing attacks) into bank web pages, monitor text form-based input passively or use other means of stealing personal information while displaying a minimum of symptoms. SpywareRemove.com malware researchers encourage you to use proactive anti-malware protection against Trojan:Win32/Alureon.EP and other Alureon Trojans, but competent anti-malware programs also should be able to delete Trojan:Win32/Alureon.EP, Trojan:WinNT/Alureon.S and other Alureon-based PC threats whenever it's necessary.
After removing Trojan:Win32/Alureon.EP and other Alureon-related Trojans, you may want to contact your bank and other relevant entities to change passwords, security questions and similar account-based information. Even after Trojan:Win32/Alureon.EP and its payload are gone, criminals may still have access to information that was compromised while Trojan:Win32/Alureon.EP was still on your PC.
Technical Details
File System Modifications
The following files were created in the system:
file.exe
File name: file.exe
Size: 139.26 KB (139264 bytes)
MD5: e440e4febd8d4478a0f6bf58bbc8b206
Detection count: 72
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 3, 2012
dfrgtrg.exe
File name: dfrgtrg.exe
Size: 315.39 KB (315392 bytes)
MD5: e6bbb702196fb16c9eddbe8cac7dd7bb
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 3, 2012
file.exe
File name: file.exe
Size: 217.08 KB (217088 bytes)
MD5: e8153c592ed3a229f6534d86977faca3
Detection count: 69
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 3, 2012
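The file indicators listed above can be swept for with a short script. This is an added example, not code from SpywareRemove.com or SpyHunter; the function names are hypothetical. Because the Alureon driver described earlier redirects access requests to uninfected files, point it at a mounted offline disk image rather than the running system where possible.

```python
import hashlib
import os

# Indicators copied from the file list on this page: MD5 -> (reported name, size in bytes).
PAGE_IOCS = {
    "e440e4febd8d4478a0f6bf58bbc8b206": ("file.exe", 139264),
    "e6bbb702196fb16c9eddbe8cac7dd7bb": ("dfrgtrg.exe", 315392),
    "e8153c592ed3a229f6534d86977faca3": ("file.exe", 217088),
}


def md5_of(path, chunk=1 << 20):
    """Stream the file so large binaries are not read into memory at once."""
    h = hashlib.md5()  # MD5 only because that is the digest the page publishes
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def sweep(root, iocs=PAGE_IOCS):
    """Return [(path, md5, reported_name)] for files under root matching an indicator."""
    sizes = {size for _name, size in iocs.values()}
    hits = []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                # Size is a cheap prefilter: only hash files whose length matches.
                if os.path.getsize(path) not in sizes:
                    continue
                digest = md5_of(path)
            except OSError:
                continue  # locked or unreadable file; note it and scan offline
            if digest in iocs:
                hits.append((path, digest, iocs[digest][0]))
    return hits


if __name__ == "__main__":
    import sys
    # Assumption: the scan root is given on the command line (e.g. a mounted image).
    root = sys.argv[1] if len(sys.argv) > 1 else os.environ.get("SystemRoot", ".")
    for path, digest, reported in sweep(root):
        print(f"MATCH {digest} {path} (listed as {reported})")
```

Matching is by content hash, not file name, since a name as generic as file.exe is not a reliable indicator on its own.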