We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
VirTool:WinNT/Hyflid.A
Detected by Microsoft Defender Antivirus
Aliases: Win32/Gamepass.O (CA) Troj/KbdSpy-A (Sophos) Trojan.Downloader.Agent.ZKT (BitDefender) Trojan-Spy.Win32.KeySpy.u (Kaspersky) PWS-OnlineGames.a (McAfee)
Summary
VirTool:WinNT/Hyflid.A is a kernel driver designed to capture keyboard inputs and hide processes. It is dropped and installed by PWS:Win32/OnLineGames.NF as a service.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, see http://www.microsoft.com/protect/computer/viruses/vista.mspx.
Follow us
