Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
24 entries found. Displaying page 1 of 2.
Updated on Jul 05, 2011

Trojan:Win32/Spyeye is a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing". Trojan:Win32/Spyeye sends captured data to a remote attacker, may download updates and has a rootkit component to hide its malicious activity.

Alert level: severe
Updated on Dec 11, 2015
Alert level: severe
Updated on Oct 20, 2023
Alert level: severe
Updated on Sep 06, 2011
Trojan:Win32/EyeStye.AE is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.
Alert level: severe
Updated on Apr 11, 2011
PWS:Win32/Zbot.TQ is a trojan that injects code into various processes. It may also steal sensitive system information, such as user names and passwords, and send it back to a remote attacker. It may also connect to various websites and download other components.
Alert level: severe
Updated on Apr 11, 2011

Trojan:Win32/Dishigy.A is a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing". Trojan:Win32/Dishigy.A sends captured data to a remote attacker and is capable of downloading additional malicious components.

Alert level: severe
Updated on Apr 25, 2011

Trojan:SymbOS/Spitmo.A is a trojan that targets mobile devices running the Symbian operating system (SymbOS). It steals information from the device, and sends it to a remote server.

Alert level: severe
Updated on Aug 17, 2011
Backdoor:Win32/Canoswei.A is a trojan that allows unauthorized access and control of an affected computer.
Alert level: severe
Updated on Aug 26, 2011
Trojan:Win32/EyeStye.M is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Nusump is a worm that spreads via Windows Live Messenger and network and removable drives. It contains limited backdoor functionality that allow it to perform certain actions on the affected computer.
Alert level: severe
Updated on Sep 20, 2015
Windows Defender Antivirus detects and removes this threat.

This threat drops and installs Trojan:Win32/EyeStye, a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing".

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Jun 21, 2011

TrojanDownloader:Win32/Croves.A is a trojan that downloads and executes other malware. It may arrive with an icon resembling a Microsoft Word document.

Alert level: severe
Updated on Aug 26, 2011
Worm:Win32/Autorun.ABO is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Oct 13, 2011

Trojan:Win32/EyeStye.B!cfg is the detection for the configuration file used by the Trojan:Win32/EyeStye malware family.

Alert level: severe
Updated on Sep 30, 2011
Worm:Win32/Cridex.B is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Commonly, worms may spread directly by copying themselves to removable or network drives, or by attempting to exploit particular vulnerabilities on targeted computers. Worms also often attempt to spread via platforms that require user interaction in order to run. They may send themselves as an attachment to an email or an instant message, or send a link to a copy of themselves in the body of a message. In these cases the message needs to be convincing enough to encourage the victim to click on the link or attachment and run or download a copy of the worm.
Alert level: severe
Updated on Oct 01, 2012

Trojan:Win32/EyeStye is a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing". Trojan:Win32/EyeStye sends captured data to a remote attacker, may download additional malicious components, and may use a rootkit component to hide malicious activity.

Alert level: severe
Updated on May 06, 2011

TrojanSpy:Win32/Delf.CL is a malware binary written in Delphi and packed with a custom packer to make analysis harder. It gathers email accounts with their associated credentials from the affected computer and then sends them out to a remote attacker.

Alert level: severe
Updated on Apr 11, 2011
Trojan:Win32/Witkinat.A is a detection for malware that redirects Web search engine queries and also downloads other malware.
Alert level: severe
Updated on Jan 10, 2018

Microsoft Defender Antivirus detects and removes this threat. 

Ransom:Win32/LockScreen.AO is a ransomware that locks you out of your desktop. It asks you to pay a ransom fee so that you can regain use of your desktop.

Our ransomware FAQ page has more information on this type of threat.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Aug 01, 2011
TrojanDownloader:Win32/Stegvob.A is a trojan that silently downloads and installs other programs without consent. This could include the installation of additional malware or malware components to an affected computer.
Alert level: severe