Aliases: W32/Trojan.FAVQ-2299 (Command) TR/Crypt.ZPACK.99635 (Avira) TROJ_SPNR.0AJ414 (Trend Micro)
Microsoft security software detects and removes this family of threats.
Threats in this family can steal your sensitive information.
They can be installed on your PC by exploit kits such as JS/Neclu, spam email attachments, or infected removable drives. They can also be downloaded by other malware such as Win32/Gamarue and Win32/Dorkbot.
Use the following free Microsoft software to detect and remove this threat:
You should also run a full scan. A full scan might find hidden malware.
This threat tries to steal your sensitive and confidential information. If you think your information has been stolen, see:
You should change your passwords after you've removed this threat:
This threat tries to use the Windows Autorun function to spread via removable drives, such as USB flash drives. You can disable Autorun to prevent worms from spreading:
Remember to scan any removable or portable drives. If you have Microsoft security software, see this topic on our software help page:
Enable the Microsoft Active Protection Service (MAPS) on your system to protect your enterprise software security infrastructure in the cloud.
Check if MAPS is enabled in your Microsoft security product:
Select Settings and then select MAPS.
Select Advanced membership, then click Save changes. With the MAPS option enabled, your Microsoft anti-malware security product can take full advantage of Microsoft's cloud protection service.
If you’re using Windows XP, see our Windows XP end of support page.