Trojan:Win32/Chymine.A is a trojan that drops a keylogging malware detected as TrojanSpy:Win32/Chymine.A. It consists of several components: an .EXE component and a .DLL component. It may be launched and installed by Exploit:Win32/CplLnk.A.

Worm:Win32/Stuxnet.B is the detection for a worm that spreads to all removable drives. It does this by dropping exploit shortcut files (files having .LNK file extension) that automatically run when the removable drive is accessed using an application that displays shortcut icons (for example, Windows Explorer). The shortcut files are detected as Exploit:Win32/CplLnk.A.

 

The worm is capable of dropping and installing other components, injecting code into currently-running processes, and allowing backdoor access and control to the infected computer.

Exploit:Java/CVE-2008-5353.B is a detection for malicious code that attempts to exploit a vulnerability in the Java Runtime Environment (JRE). The vulnerability, with CVE number CVE-2008-5353, may lead to the download and execution of arbitrary files in an affected system.

Exploit:Win32/Taro.H is a detection for an exploit affecting the word processing application Ichitaro by JustSystems of Japan.

Exploit:Java/CVE-2008-5353.DG is based on a vulnerability which affects Java Virtual Machine (JVM) up to and including version 6 update 10. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.

Exploit:Java/CVE-2010-0840.DW is the detection for a malicious and obfuscated Java class that exploits the vulnerability described in CVE-2010-0840. Successful exploitation may lead to the download and execution of arbitrary files within the user's security context.

Windows Defender detects and removes this threat.

This threat uses a Java vulnerability to download and run files on your PC, including other malware.

It runs when you visit a hacked or malicious website and you have a vulnerable version of Java.

The following versions of Java are vulnerable:

• Java Development Kit, Java Runtime Environment 7 Update 11 and earlier

To check if you're running a vulnerable version of Java:

1. Go to the control panel (Select Start then Control Panel)
2. Select Programs. If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
3. On the General tab, click About to see which version of Java you have installed.

You might get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.

Windows Defender detects and removes this threat.

It uses vulnerabilities in recent versions of Adobe Flash Player and Java to install malware on your PC.

You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.

Windows Defender detects and removes this threat.

This threat is a webpage that contains code to download malware onto your PC. You might be redirected to this webpage from another, possibly hacked, webpage.

It tries to use vulnerabilities in your software to infect your PC.

You might get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.

See our page about exploits and learn how to update common software.

Windows Defender detects and removes this threat.

The threat is a webpage that tries to exploit vulnerabilities in software on your PC. It can then try to download other malware.

It tries to exploit vulnerabilities in the following software:

• Java
• Adobe Flash Player
• Adobe Acrobat Reader
• Microsoft Silverlight
• Internet Explorer.

Members of the Fiexp family belong to the exploit kit called Fiesta.

See the family description for HTML/Fiexp and our page on exploits for more information.

This threat might get into your PC if you visit a hacked or malicious website.

Find out ways that malware can get on your PC.  

Windows Defender Antivirus detects and removes this threat. 

This threat exploits vulnerabilities in the Android operating system to gain root privileges on your mobile device.

Windows Defender detects and removes this threat.

This threat is a specially-formed IFrame that redirects you to websites that might have other malware.

You might come across this infection when you visit a hacked or malicious website.

Java/Byteverify is a malicious Java applet that exploits a vulnerability in certain unpatched versions of Microsoft virtual machine (Microsoft VM). Details on the vulnerability can be found in Microsoft Security Bulletin MS03-011 at http://www.microsoft.com/technet/security/Bulletin/MS03-011.mspx

Windows Defender detects and removes this threat.

This threat uses vulnerabilities in Adobe Flash Player, Oracle Java and Silverlight to install malware on your PC.

You might encounter it when you visit compromised or malicious websites.

Find out ways that malware can get on your PC.  

Windows Defender detects and removes this threat.

This threat uses an Adobe vulnerability to download and run files on your PC, including malware.

It runs when you open an infected PDF file and you have a vulnerable version of Adobe Reader or Acrobat. You might receive this PDF file as an email attachment.

The following versions of Adobe Reader/Acrobat are vulnerable:

• Adobe Acrobat and Adobe Reader version 11 earlier than 11.0.03
• Adobe Acrobat and Adobe Reader version 10 earlier than 10.1.7
• Adobe Acrobat and Adobe Reader version 9 earlier than 9.5.5

Exploit:Win32/Pdfjsc.DE is a detection for specially-crafted PDF files that target software vulnerabilities in Adobe Acrobat and Adobe Reader. Once the malformed PDF files are opened by vulnerable versions of Adobe Acrobat and Reader, the embedded JavaScript gets executed and loads the exploit. The exploit executes code to download and execute arbitrary files on the affected computer. These files may include additional malware.

Exploit:JS/Mult.DW is the detection for a malicious JavaScript often found distributed through compromised websites.