We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:Win32/Spyeye
Aliases: W32/Backdoor2.HIVE (Command) W32/SpyEye.EM (Norman) TrojanSpy.SpyEyes!FR8m+BE7HUc (VirusBuster) TR/Spy.SpyEyes.hug (Avira) Win32/Spy.SpyEye.CA (ESET) TSPY_SPYEYE.VI (Trend Micro)
Summary
Trojan:Win32/Spyeye is a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing". Trojan:Win32/Spyeye sends captured data to a remote attacker, may download updates and has a rootkit component to hide its malicious activity.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.