Published Oct 23, 2014 | Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: W32/Backdoor.ARXT-7998 (Command) (Kaspersky) winpe/Suspicious_Gen3.OCHI (Norman) Gen:Trojan.Heur.LP.aq4@aGmr6rg (BitDefender)


Windows Defender detects and removes this threat.

This threat installs web browser plugins that can be used for a number of malicious activities on your PC. This can include stealing your sensitive information, Bitcoin mining, and sending spam emails.

It is installed by other malware in the Win32/Tofsee family.

Find out ways that malware can get on your PC.  

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find other hidden malware.

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us