Trojan:Win32/Spyeye
Trojan:Win32/Spyeye is a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing". Trojan:Win32/Spyeye sends captured data to a remote attacker, may download updates and has a rootkit component to hide its malicious activity.
Trojan:Win32/EyeStye.AE
PWS:Win32/Zbot.TQ
Trojan:Win32/Dishigy.A
Trojan:Win32/Dishigy.A is a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing". Trojan:Win32/Dishigy.A sends captured data to a remote attacker and is capable of downloading additional malicious components.
Trojan:SymbOS/Spitmo.A
Trojan:SymbOS/Spitmo.A is a trojan that targets mobile devices running the Symbian operating system (SymbOS). It steals information from the device, and sends it to a remote server.
Backdoor:Win32/Canoswei.A
Trojan:Win32/EyeStye.M
Worm:Win32/Nusump
TrojanDropper:Win32/EyeStye
This threat drops and installs Trojan:Win32/EyeStye, a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing".
TrojanDownloader:Win32/Croves.A
TrojanDownloader:Win32/Croves.A is a trojan that downloads and executes other malware. It may arrive with an icon resembling a Microsoft Word document.
Worm:Win32/Autorun.ABO
Trojan:Win32/EyeStye.B!cfg
Trojan:Win32/EyeStye.B!cfg is the detection for the configuration file used by the Trojan:Win32/EyeStye malware family.
Worm:Win32/Cridex.B
Trojan:Win32/EyeStye
Trojan:Win32/EyeStye is a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing". Trojan:Win32/EyeStye sends captured data to a remote attacker, may download additional malicious components, and may use a rootkit component to hide malicious activity.
TrojanSpy:Win32/Delf.CL
TrojanSpy:Win32/Delf.CL is a malware binary written in Delphi and packed with a custom packer to make analysis harder. It gathers email accounts with their associated credentials from the affected computer and then sends them out to a remote attacker.
Trojan:Win32/Witkinat.A
Ransom:Win32/LockScreen.AO
Microsoft Defender Antivirus detects and removes this threat.
Ransom:Win32/LockScreen.AO is a ransomware that locks you out of your desktop. It asks you to pay a ransom fee so that you can regain use of your desktop.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.