We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Backdoor:Win32/Caphaw.D!lnk
Aliases: Troj/LnkDoc-A (Sophos)
Summary
Windows Defender detects and removes this threat.
The threat is a malicious link created by variants of the Backdoor:Win32/Caphaw family of backdoor trojans, such as Backdoor:Win32/Caphaw.D. These trojans can give a malicious hacker access and control of your PC.
The shortcut link can try to trick you into opening other malware by pretending to be real file in the shared folders on your network.
The following free Microsoft software detects and removes this threat:
- Microsoft Defender Antivirus for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
- Microsoft Safety Scanner
Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.
Change your passwords
You should change your passwords after you've removed this threat:
Be careful when sharing files
Windows has a feature that lets you share files and folders on a network or shared PC. This feature is sometimes abused by malware to spread to other PCs within the network.
You can get more information and tips on how to share files safely from these pages:
- In Windows 8.1, Share files and folders on a network or a shared PC
- In Windows 7, File sharing essentials
- In Windows Vista, Share files and folders over the network
You should turn off file sharing until you make sure that all infected PCs have been cleaned of any malware.
Get more help
You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.
If you’re using Windows XP, see our Windows XP end of support page.
