We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanSpy:Win32/Usteal
Aliases: Trojan/Win32.Ruftar (AhnLab) Trojan horse PSW.Generic10.BNFS (AVG) Trojan horse PSW.Generic10.BWOI (AVG) Trojan horse PSW.Generic10.CIUL (AVG) W32/Usteal.A.gen!Eldorado (Command) W32/Troj_Generic.HCCAE (Norman) W32/Troj_Generic.JLPCB (Norman) TR/Spy.Usteal.D.988 (Avira) TR/Spy.Usteal.D.1219 (Avira) Gen:Variant.Zusy.1108 (BitDefender) Trojan.Generic.8712735 (BitDefender) Gen:Variant.Kazy.44973 (BitDefender) Trojan.Generic.KDZ.11916 (BitDefender) Gen:Variant.Symmi.11246 (BitDefender) Trojan.PWS.UFR.3136 (Dr.Web) Trojan.PWS.UFR.3111 (Dr.Web) Trojan.PWS.UFR.3047 (Dr.Web) BackDoor.Comet.152 (Dr.Web) Win32/Injector.AEJK trojan (ESET) Trojan.SuspectCRC (Ikarus) Win32.AdWare.AII (Ikarus) RDN/Generic PWS.y!bn (McAfee) RDN/Generic PWS.y!fg (McAfee) RDN/Generic PWS.y!di (McAfee) BackDoor-FAPT!02357D9CE63E (McAfee) W32/Skintrim.DVYD (Norman) Trojan.PSW.Ldpinch!238F (Rising AV) Mal/Behav-116 (Sophos) Mal/HckPk-D (Sophos) Mal/RufTar-C (Sophos)
Summary
Microsoft security software detects and removes this threat.
This family of malware steals your usernames and passwords for online games and applications. It can also download other malware.
The trojan is usually installed on your computer when you download other applications, images or software. It is also installed by other malware such as Trojan:Win32/LockScreen.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
- Microsoft Security Essentials or, for Windows 8, Windows Defender
- Microsoft Safety Scanner
This threat can steal your usernames and passwords. After you remove this threat it is a good idea to change your passwords.
The following page has tips on how to create and use strong passwords: