Aliases: No associated aliases
Windows Defender detects and removes this threat.
This malware family is well known for being tricky to detect and remove because of its file-less design after infection. They infect your PCs so malware perpetrators can perform click-fraud and install additional malware on your machines.
They can steal your personal information, download more malware, or give a malicious hacker access to your PC.
You can read more about this threat on the Microsoft Malware Protection Center (MMPC) blog:
- Improved scripts in .lnk files now deliver Kovter in addition to Locky
- Kovter becomes almost file-less, creates a new file type, and gets some new certificates
- Large Kovter digitally-signed malvertising campaign and MSRT cleanup release
- Windows Defender for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
- Microsoft Safety Scanner
You should also run a full scan. A full scan might find hidden malware.
Protect your sensitive information
This threat tries to steal your sensitive and confidential information. If you think your information has been stolen, see:
You should change your passwords after you've removed this threat:
Use cloud protection
The Microsoft Active Protection Service (MAPS) uses cloud protection to help guard against the latest malware threats. It’s turned on by default for Microsoft Security Essentials and Windows Defender for Windows 10.
Get more help
If you’re using Windows XP, see our Windows XP end of support page.