Published Aug 04, 2016 | Updated Sep 15, 2017


Detected by Microsoft Defender Antivirus

Aliases: No associated aliases


Windows Defender Antivirus detects and removes this threat.

This threat doesn’t have the typical ‘execute-a-binary-malware-payload-at-the-end-and-then-done’ routine that we often see. We have observed this threat being distributed as a malicious attachment to spam email.

Find out ways that malware can get on your PC

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find hidden malware.

Get more help

For these type of threats that requires user consent, preventing these kind of script from executing is the best solution.

Our previous blog, Where's the macro... contains some guidance about the registry settings to use to prevent an OLE Embedded Object from executing.

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us