Microsoft Security Intelligence
500 entries found. Displaying page 1 of 25.
Updated on Apr 11, 2011
Trojan:Win32/Chymine.A is a trojan that drops a keylogging malware detected as TrojanSpy:Win32/Chymine.A. It consists of several components: an .EXE component and a .DLL component. It may be launched and installed by Exploit:Win32/CplLnk.A.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Stuxnet.B is the detection for a worm that spreads to all removable drives. It does this by dropping exploit shortcut files (files having .LNK file extension) that automatically run when the removable drive is accessed using an application that displays shortcut icons (for example, Windows Explorer). The shortcut files are detected as Exploit:Win32/CplLnk.A.
 
The worm is capable of dropping and installing other components, injecting code into currently-running processes, and allowing backdoor access and control to the infected computer.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2008-5353.B is a detection for malicious code that attempts to exploit a vulnerability in the Java Runtime Environment (JRE). The vulnerability, with CVE number CVE-2008-5353, may lead to the download and execution of arbitrary files in an affected system.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/Pdfjsc.FN is a detection for specially-crafted PDF files that attempt to exploit software vulnerabilities in Adobe Acrobat and Adobe Reader known as CVE-2010-1297. This exploit method may also be detected generically by Microsoft as Exploit:Win32/Pdfjsc.gen!A.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/Taro.H is a detection for an exploit affecting the word processing application Ichitaro by JustSystems of Japan.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2008-5353.DG is based on a vulnerability which affects Java Virtual Machine (JVM) up to and including version 6 update 10. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sandbox" environment.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/Pdfjsc.FU is a detection for a crafted PDF file which exploits the vulnerabilities discussed in CVE-2008-2992 and CVE-2009-0927.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2009-3869.A is a detection for the vulnerability described in CVE-2009-3869 which can be exploited to execute arbitrary code.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/Pidief.HW is a detection for specially-crafted PDF files that target a software vulnerability in Adobe Acrobat and Adobe Reader version 8 before 8.2.1 and version 9 before 9.3.1. The vulnerability exploited by this malware is referenced by the Common Vulnerabilities and Exposures (CVE) Identifier CVE-2010-0188.
 
Upon successful exploitation, malicious code gets executed that is used to download and execute arbitrary files.
Alert level: severe
Updated on Oct 30, 2014

Windows Defender Antivirus detects and removes this threat. 

This threat has been "obfuscated", which means it has tried to hide its purpose so your security software doesn't detect it.

The malware that lies underneath this obfuscation can have almost any purpose.

Alert level: severe
Updated on Jun 24, 2011

Exploit:Java/CVE-2010-0840.DN is the detection for a malicious and obfuscated Java class that exploits the vulnerability in Java described in CVE-2010-0840. Successful exploitation leads to remote code execution.

Alert level: severe
Updated on Jun 23, 2016

Windows Defender detects and removes this threat.

This threat is a webpage that spreads the exploit kit known as Neutrino. See the HTML/NeutrinoEK family description for more information.

Your PC is at risk of infection if you visit this webpage and you have vulnerable software installed on your PC.

You might be redirected to the malicious webpage without your consent.

Alert level: severe
Updated on Aug 17, 2015

Windows Defender detects and removes this threat.

This threat uses a Microsoft vulnerability to download and run files on your PC, including other malware.

It runs if you visit a website and have a vulnerable operating system. The following software is affected:

  • Windows 8.1
  • Windows RT Gold and 8.1
  • Windows 7 SP1
  • Windows Server 2012 Gold and R2
  • Windows Server 2008 SP2 and R2 SP1
  • Windows Vista SP2
  • Windows Server 2003 SP2

You might get an alert about this threat even if you're not using a vulnerable version of the application. This is because we detect when a website or file tries to use the vulnerability, even if it isn't successful.

Alert level: severe
Updated on Aug 17, 2015

Windows Defender detects and removes this threat.

This threat uses a Microsoft vulnerability to download and run files on your PC, including other malware.

It runs if you visit a website and have a vulnerable operating system. The following software is affected:

  • Windows 8.1
  • Windows RT Gold and 8.1
  • Windows 7 SP1
  • Windows Server 2012 Gold and R2
  • Windows Server 2008 SP2 and R2 SP1
  • Windows Vista SP2
  • Windows Server 2003 SP2

You might get an alert about this threat even if you're not using a vulnerable version of the application. This is because we detect when a website or file tries to use the vulnerability, even if it isn't successful.

Alert level: severe
Updated on Apr 11, 2011
Exploit:JS/Objsnapt.E is a detection for a JavaScript file that exploits a known vulnerability in the Microsoft Access Snapshot Viewer ActiveX Control described in http://www.microsoft.com/technet/security/advisory/955179.mspx.
Alert level: severe
Updated on Apr 11, 2011
Exploit:JS/Mult.BN is a generic detection of obfuscated malicious code that may be used to exploit vulnerabilities in different software, in order to download and execute arbitrary files from a remote server.
Alert level: severe
Updated on Jan 28, 2014

Microsoft security software detects and removes this family of threats.

You should also update your software to be fully protected.

These threats are part of the Blacole family of malware. For more information, see our Blacole family description.

Alert level: severe
Updated on May 17, 2010
Exploit:HTML/Snapew.gen!A is a generic detection for a malicious HTML Web page that attempts to exploit a vulnerability in Snapshot Viewer for Microsoft Access (Security Advisory 955179 - http://www.microsoft.com/technet/security/advisory/955179.mspx).
Alert level: severe
Updated on May 17, 2010
Exploit:Win32/Apptom.gen is a generic detection for an exploit in Microsoft PowerPoint Presentation (.PPS / .PPT) data files. The vulnerability exists in Microsoft Office 2000, XP, 2003 and Mac Office. Opening the exploit on vulnerable systems could install malware onto the local computer.
Alert level: severe
Updated on May 17, 2010
Exploit:Win32/MS06040.gen is a generic detection for malicious software that attempts to exploit a vulnerability in Windows Server Service that can allow the execution of arbitrary code. The vulnerability is referenced in Microsoft Security Bulletin MS06-040 and Microsoft Knowledge Base article KB921883.
Alert level: severe