Also detected as:
The following can indicate that you have this threat on your PC:
detects and removes this threat.
This threat can download and run files on your PC, including other malware.
It can be installed when you open a spam email attachment.
Find out ways that malware can get on your PC.
Use the following free Microsoft software to detect and remove this threat:
You should also run a full scan. A full scan might find other hidden malware.
You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.
If you’re using Windows XP, see our Windows XP end of support page.
This threat can be downloaded when you open a spam email attachment. We have seen the attachment use the following file names:
When you open the attachment the malware runs. It installs the following file onto your PC:
The malware also shows you an image similar to the following:
Downloads updates and other malware
The malware checks for an internet connection by connecting to clean website such as windowsupdate.microsoft.com. It then connects to hardcoded remote host to download other malware, for example:
We have seen this threat download updates as well as other threats from the following malware families:
I want to...
Note: Your feedback is very important to us, however we do not respond to individual submissions through this channel.
If you require support, please visit the
Safety & Security Center.