PWS:Win32/Zbot.AHL
PWS:Win32/Zbot.AHL is malware that allows unauthorized access and control of your computer, and steals your valuable information, such as passwords. PWS:Win32/Zbot.AHL is created by kits known as "Zeus" which are bought and sold on the Internet black market.
PWS:Win32/Zbot.AHL is widespread. It can be distributed and installed on your computer in several different ways, including:
- Downloaded by other malware such as Win32/Bredolab, Win32/Kelihos, Win32/Waledac, Exploit:Win32/CplLnk, and variants of Win32/Cutwail.
- Downloaded as a payload for exploit kits such as blackhole (we detect this as Blacole), and for exploits including Exploit:Java/CVE-2012-0507, Exploit:Java/CVE-2012-1723, Exploit:Java/CVE-2013-0422, and Exploit:Win32/Pdfjsc.
- Spammed out attached to email
Visit the Win32/Zbot family description for more details.
Win32/Winwebsec
Microsoft security software detects and removes this family of threats.
This family of rogue security programs pretend to scan your PC for malware, and often report lots of infections. The program will say you have to pay for it before it can fully clean your PC.
However, the program hasn't really detected any malware at all and isn't really an antivirus or antimalware scanner. It just looks like one so you'll send money to the people who made the program. Some of these programs use product names or logos that unlawfully impersonate Microsoft products.
Even if you do pay to "unlock" the app, it won't do anything because your PC isn't actually infected with all that malware it "found".
Different brands of the rogues may modify various settings on your computer, end or close programs or system services, or block access to websites.
by other malware.
You can read more on our rogue page.
Exploit:Java/CVE-2012-0507.D!ldr
Windows Defender Antivirus detects and removes this threat.
This threat uses a Java vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Java.
The following versions of Java are vulnerable:
- JDK and JRE 7 Update 2 and earlier Java SE
- JDK and JRE 6 Update 30 and earlier Java SE
- JDK and JRE 5.0 Update 33 and earlier Java SE
- SDK and JRE 1.4.2_35 and earlier Java SE
- JavaFX 2.0.2 and earlier JavaFX
To check if you're running a vulnerable version of Java:
- In Control Panel, double-click Programs.
- If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You may get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
Find out ways that malware can get on your PC.
PWS:Win32/Zbot.gen!AK
PWS:Win32/Zbot.gen!AK is trojan that allows unauthorized access and control of your computer, and steals your valuable information, such as passwords. PWS:Win32/Zbot.gen!AK is created by kits known as "Zeus" which are bought and sold on the Internet black market.
PWS:Win32/Zbot.gen!AK is widespread. It has been distributed and installed on user's computers in several different ways, including:
- Downloaded by other malware such as Win32/Bredolab, Win32/Kelihos, Win32/Waledac, and Exploit:Win32/CplLnk
- Downloaded as a payload for exploit kits such as blackhole (we detect this as Blacole)
- Spammed out attached to email
Visit the Win32/Zbot family description for more details about how this malware is distributed.
PWS:Win32/Zbot.gen!AL
Microsoft security software detects and removes this threat.
This threat can steal your personal and financial information. It can also give a hacker access and control of your PC.
We have seen this threat being installed by:
- Other malware, such as Win32/Bredolab, Win32/Kelihos, Win32/Waledac, Exploit:Win32/CplLnk, and variants of Win32/Cutwail.
- Exploit kits, such as Blacole, and Exploit:Java/CVE-2012-0507, Exploit:Java/CVE-2012-1723, Exploit:Java/CVE-2013-0422, and Exploit:Win32/Pdfjsc.
- Spam email attachments
The Win32/Zbot family description has more information.