BREAKING NEWS: Windows Defender Advanced Threat Protection (Windows Defender ATP) to include AI-driven automated investigation and remediation capabilities later this year.Learn more
Alert level: Severe Detected with Windows Defender Antivirus
Also detected as: No associated aliases
The Win32/Zuten family steals information related to online games. It accomplishes this by injecting a DLL into the targeted game process and patching API calls. The collected game information is then posted to a remote website. Some of the games targeted by Win32/Zuten include the following:
Legend of Mir
Ruler of the Land
Fantasy Westward Journey
Variants of Win32/Zuten may drop a DLL component that is used to hide files associated with the trojan. This DLL may be detected as VirTool:WinNT/Zuten.
Take the following steps to help prevent infection on your computer:
Enable a firewall on your computer.
Get the latest computer updates for all your installed software.
Use up-to-date antivirus software.
Limit user privileges on the computer.
Use caution when opening attachments and accepting file transfers.
Use caution when clicking on links to Web pages.
Avoid downloading pirated software.
Protect yourself against social engineering attacks.
Use strong passwords.
Enable a firewall on your computer
Get the latest computer updates
Use up-to-date antivirus software
Limit user privileges on the computer
Use caution when opening attachments and accepting file transfers
Use caution when clicking on links to Web pages
Avoid downloading pirated software
Protect yourself from social engineering attacks
Use strong passwords