JS/Shellcode is a detection for JavaScript-enabled objects that contain exploit code and may exhibit suspicious behavior. Malicious websites and malformed PDF documents may contain JavaScript which attempts to execute code without the affected user's consent.

JS/Mult describes a group of threats, written in JavaScript, that attempt to exploit multiple vulnerabilities on affected computers in order to download, execute or otherwise run arbitrary code. The malicious JavaScript may be hosted on compromised or malicious websites, embedded in specially crafted PDF files, or could be called by other malicious scripts.

Microsoft security software detects and removes this family of threats.

You should also update your software to be fully protected.

These threats are part of the Blacole family of malware. For more information, see our Blacole family description.

Microsoft security software detects and removes this family of threats.

This is a family of JavaScript components belonging to an exploit kit called Fiesta. Similar to other exploit kits, such as Blacole, it first checks your browser, version, and installed plugins. It does this to determine which exploit to use on your PC.

Malware in this family can exploit vulnerabilities in Java, Adobe Flash Player, Adobe Acrobat Reader, Microsoft Silverlight, and Internet Explorer.

They can run on your PC when you visit a hacked or malicious website.

Find out ways that malware can get on your PC.  

Windows Defender detects and removes this threat.

This family of threats are malicious JavaScript files that redirect web searches to pay-per-click advertising sites.

This threat might be installed on your PC from a Win32/Medfos variant.

Find out ways that malware can get on your PC.  

Windows Defender detects and removes this threat.

This threat is a webpage that spreads the exploit kit known as Neutrino.

You PC is at risk of infection if you visit this webpage and you have vulnerable software installed on your PC.

You might be redirected to the malicious webpage without your consent.

Windows Defender detects and removes this threat.

This threat is a webpage that spreads the exploit kit known as Neutrino.

You PC is at risk of infection if you visit this webpage and you have vulnerable software installed on your PC.

You might be redirected to the malicious webpage without your consent.

Microsoft security software detects and removes this family of threats.

This malware family looks for vulnerabilities in the following software:

• Java Development Kit and Java Runtime Environment
• Adobe Flash Player
• Microsoft True Type Font

If a vulnerability is found they can then download other malware onto your PC.

You can be redirected to a malicious or compromised website that hosts this threat as you browse the Internet or when you click a link in a spam email.

Our exploits page explains more about this type of threat.
 

Windows Defender detects and removes this threat.

The threat has been renamed to TrojanDownloader:JS/Lave.A.

Find out ways that malware can get on your PC.  

Exploit:JS/Timbum is a detection for a malicious JavaScript that redirects the browser to certain URLs. It exploits a vulnerability in the TimThumb Wordpress plugin, which allows an attacker to upload and execute malicious PHP code.

JS/Kak is a mailer worm that targets computers running certain versions of English or French Microsoft Windows. The worm appends itself as the signature to e-mails sent using Outlook Express. When a user views or previews the e-mail using an e-mail program that supports HTML format and JScript, the worm runs, unless the computer is patched to prevent exploit of the Windows vulnerability described in Microsoft Security Bulletin MS99-032.

JS/Cripac is a detection for JavaScript malware that attempts to exploit numerous vulnerabilities that allows the malware to execute arbitrary code.

Microsoft security software detects and removes this family of threats.

They are Chrome browser extensions that hijack your Facebook, Twitter or YouTube accounts to promote pages. The threats might post hyperlinks or like pages on Facebook, post comments on YouTube videos, or follow profiles and send direct messages on Twitter without your permission.

They are installed on your computer by Trojan:AutoIt/Kilim.A.

Windows Defender detects and removes this threat.

JS/Bepexp is a family of JavaScript malware that loads multiple exploits in an attempt to compromise the host system, when browsing webpages containing the script. Various software vulnerabilities may be targeted, depending on the target system configuration.

Windows Defender detects and removes this threat.

This family of threats are malicious JavaScript files that redirect your web browser to show you ads or download other malware.  

They can be installed by other malware, including members of the Win32/Fareit family, or installed on your PC from a spam email attachment.

The Win32/Miuref family description has for more information.

Find out ways that malware can get on your PC.  

Windows Defender detects and removes this threat.

You should also update your software to be fully protected.

BlacoleRef is a type of malware which tries to infect your PC with other malware, such as trojans and viruses.

It belongs to the Blacole family of malware, which together are known as the Blacole (or "Blackhole") exploit kit. 

See our page about exploits and learn how to update common software.

When you visit a malicious or compromised website, BlacoleRef scans your PC for vulnerabilities or weaknesses in your software.

You might visit the website from a link or attachment in an email, or from a previously safe website that has been hacked.

The threat uses those vulnerabilities it has found on your PC to download malware onto your PC:

Typically, the Blacole exploit kit attempts to exploit vulnerabilities in applications such as Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader.

Windows Defender detects and removes this threat.

This website checks to see if your PC is running a vulnerable version of Java or Adobe Reader. You might be redirected to this website when you visit a hacked or malicious webpage.

If your PC has vulnerable software installed, this threat can download other malware, including:

• Win32/Zbot
• Win32/Gamarue
• Win32/Tofsee
• Win32/Dofoil
• Win32/Neurevt
• Win32/Expiro
• Win32/Loktrom

You might get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.

Find out ways that malware can get on your PC. 

Windows Defender detects and removes this threat.

This family of threats collects information about your PC, infects your removable drives, and tries to stop you from accessing your files.

It spreads by infecting removable drives, such as USB thumb drives and flash drives. 

This threat might be downloaded by other malware, or you might get it by connecting an infected removable drive to your PC. 

Find out ways that malware can get on your PC.