Skip to main content
Microsoft Security Intelligence
Published Nov 21, 2017 | Updated Jan 18, 2018


Detected by Microsoft Defender Antivirus

Aliases: No associated aliases


Windows Defender detects and removes this threat.

This threat is a trojan which fakes Transport Layer Security (TLS) communications to obfuscate C2 servers and is commonly seen with targeted attacks.  

Find out ways that malware can get on your PC

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find hidden malware.

Use cloud protection 

Use cloud protection to help guard against the latest malware threats. It’s turned on by default for Microsoft Security Essentials and Microsoft Defender Antivirus for Windows 10.  

Go to Settings > Update & security > Windows Defender > Windows Defender Security Center > Virus & threat protection  > Virus & threat protection settings, and make sure that your Cloud-based Protection settings is turned On

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us