We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
PWS:Win32/Lolyda.S
Detected by Microsoft Defender Antivirus
Aliases: Win32/Lolyda.BT (CA) Trojan.PWS.Onlinegames.ZVX (BitDefender) Infostealer.Onlinegame (Symantec) Trojan.Win32.Agent.adyn (Kaspersky)
Summary
PWS:Win32/Lolyda.S is the Microsoft detection for a DLL component used mostly by the Win32/Lolyda family of password-stealing trojans that sends account information from popular online games to a remote server. Win32/Lolyda.S captures logon credentials for the online game "QQ Fantasy Online" (QQFO) and sends the collected data to a remote server.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, see http://www.microsoft.com/protect/computer/viruses/vista.mspx.