Seeing the Trojan:WinNT/Alureon.G detection name usually means that your system is in serious danger. This malware can be identified as ransomware – a type of malware that encrypts your files and forces you to pay for their decryption. Deleting it requires specific steps that must be taken as soon as possible.
Trojan:WinNT/Alureon.G is a malware detection you may see on your system. It usually shows up after a risky action on your PC – opening a suspicious email, clicking a banner on the Internet, or installing a program from an untrustworthy source. From the moment it shows up, you have a short time to act before it starts its harmful activity. It is better not to wait for these destructive effects.
What is Trojan:WinNT/Alureon.G virus?
Trojan:WinNT/Alureon.G Summary
In summary, the Trojan:WinNT/Alureon.G virus shows the following behavior on an infected computer:
- The binary likely contains encrypted or compressed data;
- The Authenticode signature is invalid;
- Encrypting the files located on the victim’s disk, so the victim cannot use these files;
- Blocking the launch of .exe files of anti-malware programs;
- Blocking the launch of installation files of anti-malware programs.
Ransomware has been a horror story for the last 4 years. It is hard to imagine malware that is more damaging for both individuals and companies. The algorithms used in Trojan:WinNT/Alureon.G (generally, RHA-1028 or AES-256) cannot be broken, with minor exceptions. Breaking them by brute force would take more time than our galaxy has existed, and possibly will exist. But the malware does not do all of this instantly – it can take up to several hours to encrypt all of your documents. Thus, seeing the Trojan:WinNT/Alureon.G detection is a clear signal that you must start the removal process.
Where did I get the Trojan:WinNT/Alureon.G?
The usual ways Trojan:WinNT/Alureon.G spreads are the same as for other ransomware. These are one-day landing pages where users are offered a free app to download and install, so-called bait emails, and hacktools. Bait emails are a fairly modern tactic in malware distribution – you receive an email that imitates a standard notification about a delivery or a change in bank service conditions. Inside the email, there is a malicious MS Office file, or a link that leads to an exploit landing site.

Malicious email message. This one tricks you into opening the phishing website.
Avoiding it looks fairly simple, but still demands a lot of awareness. Malware can hide in various places, and it is better to stop it before it reaches your PC than to rely on an anti-malware program. Basic cybersecurity awareness is essential in the modern world, even if your interaction with a computer is limited to YouTube videos. It may save you a lot of money and time that you would otherwise spend trying to find a solution.
Trojan:WinNT/Alureon.G malware technical details
File Info:
name: FFAAFEC178525C6DE3AC.mlw
path: /opt/CAPEv2/storage/binaries/eb6cb2cd9974c9a9f5e5dbe02191c8001875f50057a61d6b0fcb8f4adffbc811
crc32: DC88CAAC
md5: ffaafec178525c6de3ace6b51605f430
sha1: 808198c5e71f6ed730d35ce02f9f773899dc9ca0
sha256: eb6cb2cd9974c9a9f5e5dbe02191c8001875f50057a61d6b0fcb8f4adffbc811
sha512: 2acab3578d65f162d307e957a3bdfc067b9f29fd9a10377bd57f741b2b84426f3fe256ae0150987f880f7c9555ca4bd8fad82a6fcf676756ef73b38ccc2a21f3
ssdeep: 384:ReIsW7GVaGIKabf5+BGpQe4ojXCQYF9BSD0M+kGr:4KqcGIKa9nmluCQKfSD0M+kGr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15AB28EA3A3D00467F4BA2F3154B308515C7ABF6A2CA2C69DA31401EE5CB5718EE79733
sha3_384: f4eb449c3c324afca0165e4953a5d0a3b6bbd997912be7174a908613b4f5e1ffa257bf5952a8797cd99513e906173fe3
ep_bytes: 558bec83e4f883ec1a83ec125356576a
timestamp: 2009-10-14 10:18:49
Version Info:
0: [No Data]
Trojan:WinNT/Alureon.G also known as:
| Bkav | W32.AIDetectMalware |
| MicroWorld-eScan | Gen:Trojan.Heur.TDss.buW@kK0Z0ddi |
| FireEye | Generic.mg.ffaafec178525c6d |
| McAfee | DNSChanger.eq |
| Sangfor | Trojan.Win32.Olmarik.OU |
| K7AntiVirus | Adware ( 004e50871 ) |
| K7GW | Adware ( 004e50871 ) |
| Cybereason | malicious.178525 |
| Symantec | Trojan.Gen.MBT |
| Elastic | malicious (high confidence) |
| ESET-NOD32 | a variant of Win32/Olmarik.OU |
| APEX | Malicious |
| Cynet | Malicious (score: 100) |
| Kaspersky | Packed.Win32.TDSS.z |
| BitDefender | Gen:Trojan.Heur.TDss.buW@kK0Z0ddi |
| NANO-Antivirus | Trojan.Win32.Tdss.btyti |
| Avast | Win32:Alureon-DW [Rtk] |
| Emsisoft | Gen:Trojan.Heur.TDss.buW@kK0Z0ddi (B) |
| F-Secure | Trojan.TR/Vundo.Gen |
| DrWeb | BackDoor.Tdss.based.7 |
| VIPRE | Gen:Trojan.Heur.TDss.buW@kK0Z0ddi |
| TrendMicro | BKDR_TDSS.SMA |
| McAfee-GW-Edition | DNSChanger.eq |
| Trapmine | malicious.high.ml.score |
| Sophos | Mal/TDSSPack-W |
| SentinelOne | Static AI – Suspicious PE |
| GData | Gen:Trojan.Heur.TDss.buW@kK0Z0ddi |
| Jiangmin | Pack.TDSS.Gen |
| Avira | TR/Vundo.Gen |
| Antiy-AVL | Trojan[Packed]/Win32.TDSS |
| Xcitium | Win32.PkdTDSS.Z@1nz6jr |
| Arcabit | Trojan.Heur.TDss.ED1013E |
| ZoneAlarm | Packed.Win32.TDSS.z |
| Microsoft | Trojan:WinNT/Alureon.G |
| Detected | |
| AhnLab-V3 | Backdoor/Win32.Tdss.R7 |
| BitDefenderTheta | AI:Packer.4A784FE421 |
| ALYac | Gen:Trojan.Heur.TDss.buW@kK0Z0ddi |
| MAX | malware (ai score=84) |
| VBA32 | BScope.Backdoor.Tdss |
| Cylance | unsafe |
| Panda | Bck/Tdss.Z |
| TrendMicro-HouseCall | BKDR_TDSS.SMA |
| Rising | Malware.Undefined!8.C (TFE:3:oXuPjLFH9aN) |
| Yandex | Trojan.Alureon.Gen!Pac.6 |
| Ikarus | Trojan.Win32.Alureon |
| MaxSecure | Packed.W32.TDSS.Z |
| Fortinet | W32/TDSS.BC!tr |
| AVG | Win32:Alureon-DW [Rtk] |
| DeepInstinct | MALICIOUS |
| CrowdStrike | win/malicious_confidence_100% (D) |