Trojan:Win32/Alureon.GC

Trojan:Win32/Alureon.GC Description

Trojan:Win32/Alureon.GC is a Trojan that replicates itself to a particular location on a compromised PC. Trojan:Win32/Alureon.GC checks which Windows version a computer user is running and installs a specific version of itself. Trojan:Win32/Alureon.GC creates the registry entry to make sure that it starts whenever the computer user boots up the corrupted PC. Trojan:Win32/Alureon.GC aims to embed its payload into the files such as Explorer.exe, Firefox.exe, Iexplore.exe and Mozilla.exe. Trojan:Win32/Alureon.GC contacts a remote server indicated in its configuration file. The configuration file may incorporate the instructions such as dropping and installing files, dropping and installing modules, updating itself, inserting itself into processes using various methods, transmitting logs of its activity to a distant server and writing to a configuration file. The dropped configuration file is stored in a specific location of the targeted computer system. The file is encrypted using a version of the RC4 encryption algorithm and the key is produced using the attacked PC's GUID to make it hard to decrypt.

Do You Suspect Your Computer May Be Infected with Trojan:Win32/Alureon.GC & Other Threats? Scan Your Computer with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide users with in-depth system security analysis, detection and removal of a wide range of threats like Trojan:Win32/Alureon.GC as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover*
Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read our EULA, Privacy Policy & Special Discount Terms. See more Free SpyHunter Remover details.

Technical Information

Registry Details

Trojan:Win32/Alureon.GC creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "[random_file name]" = "%APPDATA%\[random_filename].exe"

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.