Skip to main content
Published Jun 30, 2006 | Updated Sep 15, 2017

Win32/Alemod

Detected by Microsoft Defender Antivirus

Aliases: No associated aliases

Summary

Windows Defender Antivirus detects and removes this threat.
 
Win32/Alemod is a family of data-stealing trojans. An installation of Win32/Alemod includes a trojan dropper and three files that the dropper installs: a dynamic-link library (DLL), a program that displays a Web-shortcut icon in the taskbar notification area, and a partial-uninstaller program. The trojan dropper infects the Windows system file wininet.dll in order to capture data from outgoing user web traffic. Win32/Alemod transmits the captured user data to other websites and places a hypertext link and other shortcuts to potentially malicious websites on the user desktop. Microsoft detects the infected wininet.dll file as Win32/Nsag. 
Follow us