We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:Win32/Estiwir.A
Aliases: Win-Trojan/Agent.42496.US (AhnLab) W32/OnlineGames.IS.gen!Eldorado (Command) Trojan.Win32.Mixil.f (Kaspersky) winpe/Suspicious_Gen4.CFUOV (Norman) Win32/DH.FF85019D{Mw} (AVG) TR/Spy.Browser.1894 (Avira) Gen:Trojan.Heur.bi5@ID6llpi (BitDefender) Trojan.Siggen4.56382 (Dr.Web) Win32/TrojanDownloader.Agent.RRX trojan (ESET) Packer.Malware.NSAnti (Ikarus) Generic.atg-FAXG!39BB69F46394 (McAfee) Trojan.PSW.OnlineGames!4D9C (Rising AV)
Summary
Windows Defender detects and removes this threat.
This trojan downloads other malware onto your computer and can stop some programs or applications from working correctly.
It is downloaded onto your computer by other malware, including PWS:Win32/OnLineGames.AH and PWS:Win32/Lolyda.BF.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
- Microsoft Security Essentials or, for Windows 8, Windows Defender
- Microsoft Safety Scanner.
This threat may download other malware that can steal your information by recording usernames and passwords. After you remove this threat it is a good idea to change your passwords.
The following page has tips on how to create and use strong passwords: