
Trojan:Win32/Alureon.BP


First posted on 18 May 2009.
Source: SecurityHome

Aliases :

Trojan:Win32/Alureon.BP is also known as Win32/Alureon (CA), W32/DNSChanger.EGOH (Norman), Backdoor.Tidserv (Symantec).

Explanation :

Trojan:Win32/Alureon.BP is a detection for a particular Microsoft Windows DLL file that has been modified to load a malicious library. A file detected as Trojan:Win32/Alureon.BP is a modified MSVCRT.DLL file. This file may have been modified by other malware. The modification replaces an API (Application Programming Interface) exported by MSVCRT.DLL with a snippet of malicious code designed to load a DLL named DLL.DLL, which is possibly a dropped malicious component of the Win32/Alureon family of trojans.
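
A triage heuristic for the modification described above, as an added example (not part of the original write-up and not the vendor's detection logic). It assumes the injected code carries the name DLL.DLL as a plain ASCII or UTF-16LE string, which the page does not state; the function names, verdict labels and sample bytes are constructed for illustration.

```python
import hashlib
import re

# A name character directly before the match means it is the tail of a longer
# file name such as NTDLL.DLL (which MSVCRT.DLL legitimately imports).
_ASCII = re.compile(rb"(?<![A-Za-z0-9_\-])DLL\.DLL(?![A-Za-z0-9_])", re.I)
_UTF16 = re.compile(
    rb"(?<![A-Za-z0-9_\-]\x00)D\x00L\x00L\x00\.\x00D\x00L\x00L\x00"
    rb"(?![A-Za-z0-9_]\x00)", re.I)


def find_dll_dll_refs(data: bytes) -> list:
    """Return sorted (offset, encoding) pairs for standalone DLL.DLL strings."""
    hits = [(m.start(), "ascii") for m in _ASCII.finditer(data)]
    hits += [(m.start(), "utf-16le") for m in _UTF16.finditer(data)]
    return sorted(hits)


def triage_msvcrt(data: bytes, known_good_sha256: set) -> dict:
    """Classify a candidate MSVCRT.DLL image against a hash baseline."""
    digest = hashlib.sha256(data).hexdigest()
    refs = find_dll_dll_refs(data)
    if digest in known_good_sha256:
        verdict = "baseline-match"      # byte-identical to a trusted copy
    elif refs:
        verdict = "suspect"             # unknown build that names DLL.DLL
    else:
        verdict = "unknown-build"       # not in baseline; review, no indicator
    return {"sha256": digest, "dll_dll_refs": refs, "verdict": verdict}


# Constructed sample buffers (not real PE files, no code from the malware).
SAMPLE_CLEAN = b"MZ" + b"\x00" * 62 + b"KERNEL32.dll\x00ntdll.dll\x00NTDLL.DLL\x00"
SAMPLE_PATCHED = SAMPLE_CLEAN + b"DLL.DLL\x00"
SAMPLE_WIDE = SAMPLE_CLEAN + b"\x00" * 3 + "dll.dll".encode("utf-16le") + b"\x00\x00"

if __name__ == "__main__":
    baseline = {hashlib.sha256(SAMPLE_CLEAN).hexdigest()}
    for name, buf in [("clean", SAMPLE_CLEAN), ("patched", SAMPLE_PATCHED),
                      ("wide", SAMPLE_WIDE)]:
        print(name, triage_msvcrt(buf, baseline))
```

Build the baseline from copies of MSVCRT.DLL taken from trusted installation media for each patch level in use; a plain substring search for DLL.DLL would flag every clean copy because of the NTDLL.DLL import name.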

Symptoms
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).


Analysis by Jireh Sanico

Last update 18 May 2009

 
