Microsoft Security Intelligence
500 entries found. Displaying page 1 of 25.
Updated on Apr 11, 2011
Trojan:Win32/Chymine.A is a trojan that drops a keylogging malware detected as TrojanSpy:Win32/Chymine.A. It consists of several components: an .EXE component and a .DLL component. It may be launched and installed by Exploit:Win32/CplLnk.A.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Stuxnet.B is the detection for a worm that spreads to all removable drives. It does this by dropping exploit shortcut files (files having .LNK file extension) that automatically run when the removable drive is accessed using an application that displays shortcut icons (for example, Windows Explorer). The shortcut files are detected as Exploit:Win32/CplLnk.A.
 
The worm is capable of dropping and installing other components, injecting code into currently-running processes, and allowing backdoor access and control to the infected computer.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2008-5353.B is a detection for malicious code that attempts to exploit a vulnerability in the Java Runtime Environment (JRE). The vulnerability, with CVE number CVE-2008-5353, may lead to the download and execution of arbitrary files in an affected system.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/Pdfjsc.FN is a detection for specially-crafted PDF files that attempt to exploit software vulnerabilities in Adobe Acrobat and Adobe Reader known as CVE-2010-1297. This exploit method may also be detected generically by Microsoft as Exploit:Win32/Pdfjsc.gen!A.
Alert level: severe
Updated on Jun 27, 2014

Windows Defender detects and removes this threat.

It uses vulnerabilities in recent versions of Adobe Flash Player and Java to install malware on your PC.

You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.

Alert level: severe
Updated on Jun 16, 2014

Windows Defender detects and removes this threat.

This threat is a webpage that contains code to download malware onto your PC. You might be redirected to this webpage from another, possibly hacked, webpage.

It tries to use vulnerabilities in your software to infect your PC.

You might get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.

See our page about exploits and learn how to update common software.

Alert level: severe
Updated on Aug 24, 2014

Windows Defender detects and removes this threat.

The threat is a webpage that tries to exploit vulnerabilities in software on your PC. It can then try to download other malware.

It tries to exploit vulnerabilities in the following software:

  • Java
  • Adobe Flash Player
  • Adobe Acrobat Reader
  • Microsoft Silverlight
  • Internet Explorer.

Members of the Fiexp family belong to the exploit kit called Fiesta.

See the family description for HTML/Fiexp and our page on exploits for more information.

This threat might get into your PC if you visit a hacked or malicious website.

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/Pdfjsc.FU is a detection for a crafted PDF file which exploits the vulnerabilities discussed in CVE-2008-2992 and CVE-2009-0927.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/Taro.H is a detection for an exploit affecting the word processing application Ichitaro by JustSystems of Japan.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2008-5353.DG is based on a vulnerability which affects Java Virtual Machine (JVM) up to and including version 6 update 10. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2009-3869.A is a detection for the vulnerability described in CVE-2009-3869 which can be exploited to execute arbitrary code.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/Pidief.HW is a detection for specially-crafted PDF files that target a software vulnerability in Adobe Acrobat and Adobe Reader version 8 before 8.2.1 and version 9 before 9.3.1. The vulnerability exploited by this malware is referenced by the Common Vulnerabilities and Exposures (CVE) Identifier CVE-2010-0188.
 
Upon successful exploitation, malicious code gets executed that is used to download and execute arbitrary files.
Alert level: severe
Updated on Apr 11, 2011
This is a detection for a malicious JavaScript that attempts to exploit a vulnerability in the web browser Firefox versions 3.6.8, 3.6.9, 3.6.10 and 3.6.11. The exploit could download and execute arbitrary code. In the wild, this exploit is known to download and execute Backdoor:Win32/Belmoo.A.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2008-5353.WW is a detection for an exploit that is based on a vulnerability which affects Java Virtual Machine (JVM) version 5 up to and including update 22, as well as version 6 up to and including update 10. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/CVE-2010-2572.A is the detection for specially-crafted Microsoft PowerPoint files that exploit a vulnerability addressed by Microsoft Security Bulletin MS10-088. This vulnerability may allow attackers to execute arbitrary code that can drop files, install programs or modify data without the user's knowledge or consent.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2010-0840.AL is the detection for an obfuscated malicious Java class applet component that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to remote code execution.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2010-0840.BJ is a detection for an obfuscated malicious Java class applet component that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to arbitrary code execution.
Alert level: severe
Updated on Apr 21, 2011
Exploit:Java/CVE-2010-0094.CY is the detection for a malicious Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sandbox" environment.

The exploit abuses a flaw in the deserialization of "RMIConnectionImpl" objects, which allows remote attackers to call system-level Java functions, without proper sandboxing, via the ClassLoader of a constructor that is being deserialized.
Alert level: severe
Updated on Jul 09, 2015

Windows Defender detects and removes this threat.

This threat uses a JavaScript vulnerability to check your PC for security software. It then looks for certain information about your computer that might be used in a future attack. It uses the vulnerability described in CVE-2013-7331 to exploit your PC.

It runs when you visit a hacked or malicious website and you have a vulnerable version of Internet Explorer.

You might get an alert about this threat even if you're not using vulnerable software. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.

See the Exploit:JS/Sevdaq family description for more information.

Alert level: severe
Updated on May 13, 2014

Windows Defender detects and removes this threat.

This threat uses vulnerabilities in Adobe Flash Player, Oracle Java and Silverlight to install malware on your PC.

You might encounter it when you visit compromised or malicious websites.

Find out ways that malware can get on your PC.  

Alert level: severe