TrojanProxy:Win32/Bunitu.F
Microsoft security software detects and removes this threat.
This threat is part of the Win32/Bunitu malware family. It can give a malicious hacker access to your PC as a proxy, which means they can hide their other malicious activities.
It can be installed on your PC if you visit a compromised or hacked website, as a result of an exploit kit such as Exploit:JS/Angler.
See the Win32/Bunitu family description for more information.
Exploit:SWF/Axpergle
Windows Defender detects this threat.
This threat is a detection for specially-crafted Shockwave Flash (.SWF) files that attempt to exploit software vulnerabilities in Adobe Flash Player known as part of the Angler exploit kit. We have seen this threat exploit the CVE-2014-8439, CVE-2015-0310, CVE-2015-0311, CVE-2015-0313 vulnerabilities.
It uses an Adobe Flash Player vulnerability to download and run files on your PC, including malware.
The exploit is also called Angler.
The following versions of Adobe Flash Player are vulnerable:
- Adobe Flash Player 16.0.0.296 and earlier versions
- Adobe Flash Player 13.0.0.264 and earlier 13.x versions
- Adobe Flash Player 11.2.202.440 and earlier 11.x versions
You might get an alert about this threat even if you're not using a vulnerable version of Adobe Flash Player. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
To learn more about how this threat is being used by cybercriminals,
HTML/Axpergle
Microsoft security software detects and removes this threat.
It uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Reveton, Win32/Troldesh and variants of Win32/Bedep.
The exploit is also called Angler.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
JS/Axpergle
Windows Defender detects and removes this threat.
It uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Reveton and variants of Win32/Bedep.
The exploit is also called Angler.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Exploit:HTML/Axpergle.N
Microsoft security software detects and removes this threat.
This threat uses vulnerabilities in recent versions of Microsoft Silverlight and Adobe Flash Player to install malware on your PC. We have seen it try to install TrojanDropper:Win32/Evotob.A.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
Find out ways that malware can get on your PC.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/Axpergle
Windows Defender detects and removes this threat.
It uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Reveton and variants of Win32/Bedep.
The exploit is also called Angler.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/Axpergle.E
Microsoft security software detects and removes this threat.
It uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Trojan:Win32/Reveton.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/Axpergle.A
Windows Defender detects and removes this threat.
It uses vulnerabilities in recent versions of Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install PWS:Win32/Zbot.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/Axpergle.J
Microsoft security software detects and removes this threat.
It uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Trojan:Win32/Reveton.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/Axpergle.N
Microsoft security software detects and removes this threat.
It uses vulnerabilities in recent versions of Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install PWS:Win32/Zbot.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Win32/Bunitu
Microsoft security software detects and removes this family of threats.
These threats can give a malicious hacker access to your PC as a proxy, which means they can hide their other malicious activities.
They can be installed on your PC if you visit a compromised or hacked website, as a result of an exploit kit such as Exploit:JS/Angler.
WinNT/Bunitu
Microsoft security software detects and removes this family of threats.
These threats can give a malicious hacker access to your PC as a proxy, which means they can hide their other malicious activities.
They can be installed on your PC if you visit a compromised or hacked website, as a result of an exploit kit such as Exploit:JS/Angler.
Ransom:Win32/Tescrypt.B
Microsoft security software detects and removes this threat.
This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker.
As of April 2015, we have observed an increase in Tescrypt activity as it gets dropped by a few exploit kits such as Exploit:SWF/Axpergle (Angler), Exploit:JS/Neclu (Nuclear), JS/Fiexp (Fiesta), and JS/Anogre (Sweet Orange).
See the Win32/Tescrypt family description for more information.
Windows 10 protects you from ransomware. Read more:
Windows 10 Creators Update provides next-gen ransomware protection
You can read more on our ransomware page.
Exploit:JS/CVE-2013-2551.C
Windows Defender detects and removes this threat.
This threat uses an Internet Explorer vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Internet Explorer.
The following Internet Explorer versions are vulnerable:
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
Exploit:JS/Axpergle.CG
Microsoft security software detects and removes this threat.
This threat uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Reveton and variants of Win32/Bedep.
The exploit is also called Angler.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
See the Exploit:JS/Axpergle family description for more information.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/Axpergle.BM
Windows Defender detects and removes this threat.
This threat uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Reveton and variants of Win32/Bedep.
The exploit is also called Angler.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
See the Exploit:JS/Axpergle family description for more information.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/CVE-2013-2551
Windows Defender detects and removes this threat.
This threat uses an Internet Explorer vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Internet Explorer.
The following Internet Explorer versions are vulnerable:
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
Exploit:SWF/CVE-2015-0311
Windows Defender detects and removes this threat.
This threat uses an Adobe vulnerability to download and run files on your PC, including malware.
It runs when you visit a malicious or hacked website and you have a vulnerable version of Adobe Flash Player.
The following versions of Adobe Flash Player are vulnerable:
- Adobe Flash Player 16.0.0.287 and earlier versions for Windows and Macintosh
- Adobe Flash Player 13.0.0.262 and earlier 13.x versions
- Adobe Flash Player 11.2.202.438 and earlier versions for Linux
If you visit a webpage containing this threat and your PC has a vulnerable version of Flash installed, this threat can download and run other malware.
Bunitu
Microsoft security software detects and removes this family of threats.
These threats can give a malicious hacker access to your PC as a proxy, which means they can hide their other malicious activities.
They can be installed on your PC if you visit a compromised or hacked website, as a result of an exploit kit such as Exploit:JS/Angler.
Exploit:JS/Axpergle.I
Microsoft security software detects and removes this threat.
It uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Trojan:Win32/Reveton.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,