Aliases: No associated aliases
Windows Defender detects and removes this threat.
The threat is used by other malware to download more malware onto your PC. This means that if you have this malware, it's highly likely you also have Win32/Kuluoz, Win32/Zbot, Win32/Rovnix, or others.
This malware is installed by Win32/Kuluoz. It can also get on your PC when you visit links to compromised or malicious websites sent in spam emails.
Use the following free Microsoft software to detect and remove this threat:
- Windows Defender Antivirus for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
- Microsoft Safety Scanner
- Microsoft Windows Malicious Software Removal Tool
You should also run a full scan. A full scan might find hidden malware.
Get more help
You can also ask for help from other PC users at the Microsoft virus and malware community.
If you’re using Windows XP, see our Windows XP end of support page.