Skip to main content
Microsoft Security Intelligence
Published Aug 08, 2014 | Updated Sep 15, 2017


Detected by Microsoft Defender Antivirus

Aliases: Dropper/Win32.Necurs (AhnLab) Trojan horse SHeur4.CAAW (AVG) TR/Wemosis.A.1 (Avira) Backdoor.Win32.PMax.atbz (Kaspersky) winpe/Troj_Generic.VGJNN (Norman)


Windows Defender detects and removes this threat.

This threat is a part of the Win32/Powessere malware family. It can steal information about your PC, send it a malicious hacker, and download other malware.

It can be installed by other malware, or as a result of an exploit, such as Exploit:Win32/CVE-2012-0158.CJ.

See the Win32/Powessere family description for more information.

Find out ways that malware can get on your PC.

The following free Microsoft software detects and removes this threat:

You should also run a full scan. A full scan might find other hidden malware.

Advanced troubleshooting

To restore your PC, you might need to download and run Windows Defender Offline. See our advanced troubleshooting page for more help.

Get more help

You can also see our advanced troubleshooting page for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us