Windows Defender detects and removes this threat.

This is a generic detection for specially crafted, malicious shortcut files that target the vulnerability exploited by the Win32/Stuxnet family.

When you browse a folder that has the malicious shortcut using an app that displays shortcut icons, the malware runs instead.

Find out ways that malware can get on your PC.  

Windows Defender detects and removes this threat.

These are shortcut files that exploit the vulnerability described by CVE-2010-2568. The vulnerability has been resolved with the release of Microsoft Security Bulletin MS10-046.

Windows Defender detects and removes this threat.

Exploit:Win32/CplLnk.B is a detection for specially-crafted, malicious shortcut files that exploit the vulnerability described by CVE-2010-2568 and resolved with the release of Microsoft Security Bulletin MS10-046.

If you browse a folder that contains the malicious shortcut using a program that displays shortcuts, like Windows Explorer, the malware runs.

Trojan:Win32/Chymine.A is a trojan that drops a keylogging malware detected as TrojanSpy:Win32/Chymine.A. It consists of several components: an .EXE component and a .DLL component. It may be launched and installed by Exploit:Win32/CplLnk.A.

TrojanDropper:Win32/Sality.AU is a trojan that drops the virus Win32/Sality.AU. The trojan may be executed by Exploit:Win32/CplLnk.A.

Worm:Win32/Stuxnet.B is the detection for a worm that spreads to all removable drives. It does this by dropping exploit shortcut files (files having .LNK file extension) that automatically run when the removable drive is accessed using an application that displays shortcut icons (for example, Windows Explorer). The shortcut files are detected as Exploit:Win32/CplLnk.A.

 

The worm is capable of dropping and installing other components, injecting code into currently-running processes, and allowing backdoor access and control to the infected computer.

Worm:Win32/Mosripe.A is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Commonly, worms may spread directly by copying themselves to removable or network drives, or by attempting to exploit particular vulnerabilities on targeted computers. Worms also often attempt to spread via platforms that require user interaction in order to run. They may send themselves as an attachment to an email or an instant message, or send a link to a copy of themselves in the body of a message. In these cases the message needs to be convincing enough to encourage the victim to click on the link or attachment and run or download a copy of the worm.

Worm:Win32/Vobfus!dll is a component of Win32/Vobfus, a worm that spreads by copying itself to available network and removable drives. It launches a specific file named "x.exe".

TrojanDownloader:Win32/Chymine.A is a trojan that can download other malware and record the user's keystrokes. It consists of several components: an .EXE component and a .DLL component. It may be installed by Exploit:Win32/CplLnk.A.

Win32/Rorpian are a family of worms capable of spreading through network shares and by exploiting vulnerabilities such as the Domain Name System (DNS) Server Service vulnerability. The worm usually downloads additional malware on the affected computer.

Worm:Win32/Rorpian are a family of worms capable of spreading through network shares and by exploiting vulnerabilities such as the Domain Name System (DNS) Server Service vulnerability. The worm usually downloads additional malware on the affected computer.

Windows Defender Antivirus detects and removes this threat.

 

This threat can install Virus:Win32/Sality.AU onto your PC, usually through networks or removable drives.

 

It can be installed by Exploit:Win32/CplLnk.A, which automatically runs the virus when you visit a malicious or hacked webpage.

 

Find out ways that malware can get on your PC.

TrojanDownloader:Win32/Zbot.B is malware that downloads other malware. It uses a vulnerability resolved with the release of Microsoft Security Bulletin MS10-046 to automatically run in a vulnerable computer.

Worm:Win32/Stuxnet.A is the detection for a worm that spreads to all removable drives. It does this by dropping shortcut files (.LNK) that automatically run when the removable drive is accessed using an application that displays shortcut icons (for example, Windows Explorer).

 

It is capable of dropping and installing other components, injecting code into currently-running processes, and allowing backdoor access and control to the infected computer.