
Trojan:Win32/Alureon.BF


First posted on 24 April 2009.
Source: SecurityHome

Aliases :

Trojan:Win32/Alureon.BF is also known as Win32/Alureon.YI (CA), Packed.Win32.Tdss.f (Kaspersky), Mal/TDSSPack-E (Sophos), Trojan.TDss.ET (BitDefender), Win32/Olmarik.HC (ESET), FakeAlert.k (McAfee), Backdoor.Tidserv (Symantec).

Explanation :

Trojan:Win32/Alureon.BF is the detection for a DLL file usually dropped along with an installation of a known fake anti-virus malware family called Trojan:Win32/FakeRean. Trojan:Win32/Alureon.BF may be used to redirect the affected machine to various preconfigured Web sites.

Symptoms
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).

Trojan:Win32/Alureon.BF is usually installed or dropped in the Windows system folder as a file named in the following format: UAC<random letters>.dll. This file may be hidden by a rootkit component detected as Trojan:WinNT/Alureon.D. It is usually injected into running applications or processes.

Analysis by Jireh Sanico

Last update 24 April 2009

 
