Trojan.SpyEye!gen1

If you are looking for ways to remove Trojan.SpyEye!gen1, then you can find it on this page. Free tools and removal procedure is included on this page to get rid of the Trojan instantly.

Trojan.SpyEye!gen1 is a generic detection for a threat that are found linked to Trojan.Spyeye family. Files detected as Trojan.Spyeye are malicious and may possess great danger to the affected system and its network environment. This Trojan can conceal itself once it arrives on the target computer. It is using a rootkit technique that will allow the Trojan to inject malicious code to legitimate Windows process.

Alias: BackDoor-Spyeye, Troj/Agent-NEU, Troj/Spyeye-B, Troj/Agent-NPP, Troj/Spyeye-H

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Windows Vista

Characteristics
When user executes Trojan.SpyEye!gen1, it will drop a configuration file that is in password-protected compressed format. Alongside with that, the Trojan also drops another file that intends to unzip the configuration file on a given command. To execute the Trojan on Windows start-up, it will adjust the registry and add its own entry.

Next, the Trojan will inject harmful code to current running process to accomplish the following tasks:

  • Record ongoing network traffic.
  • Pass through a firewall by sending and receiving collected network packets.

Other payload of Trojan.SpyEye!gen1 includes the following:

  • Trojan.SpyEye!gen1 will run in the background and connects to an specified address to download additional threat.
  • The Trojan can open a backdoor on compromised computer and allow a remote attacker to perform various actions.
  • This Trojan uses special technique called rootkit to hide its process on the system.
  • It can steal information by monitoring Internet browsers such as Mozilla FireFox, Internet Explorer and Maxthon.
  • Log key presses made by the victim on keyboard.
  • Perform other tasks to improve the Trojan.
  • The threat will send stolen data to a remote server.

Distribution
Trojan.SpyEye!gen1 is mainly distributed as part of Trojan Downloader. File-sharing networks and spam email messages are also considered as other method for its propagation.

How to Remove Trojan.SpyEye!gen1

NOTE: We suggest that you PRINT or BOOKMARK this guide. There are steps that we may have to restart the computer in order to successfully remove the threat.

Step 1 : Scan and remove Trojan.SpyEye!gen1 with MalwareBytes Anti-Malware

This guide requires a tool called Malwarebytes' Anti-Malware. It is a free tool designed to eradicate various computer infections including Trojan.SpyEye!gen1. MBAM scanner and malware removal tool is distributed for free.

1. In order to completely remove Trojan.SpyEye!gen1, it is best to download and run the recommended tool. Please click the button below to begin download.

Download Tool

2. After downloading, double-click on the file to install the application. If you are using Windows Vista or Windows 7, right-click on the file and select 'Run as administator' from the list.
3. When User Account Control prompts, please click Yes to proceed with the installation.

4. Follow the prompts and install as 'default' only. There are no changes needed during the installation process.
5. Before the installation procedure ends, MalwareBytes Anti-Malware will ask for database update, please proceed.

MalwareBytes Anti-Malware Update

6. Click Finish button after installation. Program will run automatically run and you will be prompted to update if newer version of database is available.
7. At this moment, close MalwareBytes Anti-Malware and proceed with the next step.

Run a thorough scan in Safe Mode to remove Trojan.SpyEye!gen1

8. Remove all media such as floppy drive, cd, dvd, and USB devices. Then, restart the computer in Safe Mode using the procedures below.

Boot in Safe Mode on Windows XP, Windows Vista, and Windows 7 system
a) Before Windows begins to load, press F8 on your keyboard.
b) It will display the Advanced Boot Options menu. Select Safe Mode.

Start computer in Safe Mode using Windows 8
a) Before Windows begins to load, press Shift and F8 on your keyboard.
b) On Recovery interface, click on 'See advanced repair options'.
c) Next, click on Troubleshoot option.
d) Then, select Advanced options from the list.
e) Lastly, please choose Windows Startup Settings and click on Restart. When Windows restarts, you will be send to a familiar Advanced Boot Options screen.
f) Select Safe Mode from the selections menu.

Safe Mode

9. Once Windows is running on Safe Mode, find the icon of MalwareBytes Anti-Malware. Double-click to launch the program.
10. Choose Perform full scan on scanner's console to ensure that it thoroughly check the PC for any presence of Trojan.SpyEye!gen1 and other forms of threats. Click the Scan button to start.

MBAM Scan

11. Once the scan has completed, Malwarebytes Anti-Malware will issue a list of identified threats. Mark all threats and click on Remove Selected.
12. If it prompts to restart the computer, please reboot Windows normally.

Step 2 : Run a scan with your antivirus program

1. Repeat the process of starting Windows in Safe Mode with Networking.
2. Open your antivirus program and download the most recent update. This method ensures that your antivirus program can detect even newer variants of Trojan.SpyEye!gen1.

Updating your antivirus software is a one-click process. Please refer to your software manual for complete instructions.

3. Once updating is finished, run a full system scan on the affected PC. After the scan, delete all infected items. If unable to clean or delete, better place the threat in quarantine.

Step 3: Run another test with online virus scanner

Another way to remove Trojan.SpyEye!gen1 without the need to install additional antivirus software is to perform a thorough scan with free online virus scanner. It can be found on websites of legitimate antivirus and security provider.

1. Click the button below to proceed to the list of suggested Online Virus Scanner. Choose your desired provider. You can run each scan individually, one at a time, to ensure that all threats will be removed from the computer. This may require plug-ins, add-on or Activex object, please install if you want to proceed with scan.

Online Virus Scan

2. After completing the necessary download, your system is now ready to scan and remove Trojan.SpyEye!gen1 and other kinds of threats.
3. Select an option in which you can thoroughly scan the computer to make sure that it will find and delete entirely all infections not detected on previous scan.
4. Remove or delete all detected items.
5. When scanning is finished, you may now restart the computer in normal mode.

Alternative Removal Procedures for Trojan.SpyEye!gen1

Option 1 : Use Windows System Restore to return Windows to previous state

During an infection, Trojan.SpyEye!gen1 drops various files and registry entries. The threat intentionally hides system files by setting options in the registry. With these rigid changes, the best solution is to return Windows to previous working state is through System Restore.

To verify if System Restore is active on your computer, please follow the instructions below to access this feature.

How to Access System Restore on Windows XP, Windows Vista, and Windows 7

a) Go to Start Menu, then under 'Run' or 'Search Program and Files' field, type rstrui.
b) Then, press Enter on the keyboard to open System Restore Settings.

rstrui-win7

How to Open System Restore on Windows 8

a) Hover your mouse cursor to the lower left corner of the screen and wait for the Start icon to appear.
b) Right-click on the icon and select Run from the list. This will open a Run dialog box.
c) Type rstrui on the 'Open' field and click on OK to initiate the command.

rstrui-win8

If previous restore point is saved, you may proceed with Windows System Restore. Click here to see the full procedure.

Option 2 : Trojan.SpyEye!gen1 manual uninstall guide

IMPORTANT! Manual removal of Trojan.SpyEye!gen1 requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to Trojan.SpyEye!gen1.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for Trojan.SpyEye!gen1 files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section.
- Close registry editor. Changes made will be saved automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.

4. Delete all files dropped by Trojan.SpyEye!gen1.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Technical Reference

Associated Files and Folders:Added Registry Entries:

Ways to Prevent Trojan.SpyEye!gen1 Infection

Take the following steps to protect the computer from threats. Suggested tools and security setup within installed software helps prevent the same attack on your PC.

Install an effective anti-malware program

Your first line of defense would be an effective security program that provides real-time protection. We have a list of anti-malware program that are tried and tested. It does not only scan files but also monitors your Internet traffic and is extremely active on blocking malicious communication. Click on the button below to download our recommended anti-malware program.

Get Protection Software

Always update your installed software

Software vendors constantly releases updates for programs whenever a flaw is discovered. Getting the updates makes the computer more secured and help prevents Trojan, virus, malware, and Trojan.SpyEye!gen1 similar attacks. If in case your program is not set for instant update, it usually offered from vendor's web site, which you can download anytime.

Maximize the security potential of your Internet browser

Each browser has their own feature where in you can adjust the security settings that fit your browsing habit. We highly encourage you to maximize the setup to tighten the security of your browser.

Apply full caution when using the Internet

Internet is full of fraud, malware, and many forms of computer threats including Trojan.SpyEye!gen1. Implement full caution with links that you may receive from emails, social networking sites, and instant messaging programs. It might lead you to malicious sites that can cause harm to your computer. Avoid strange web sites that offers free services and software downloads.