Microsoft Security Intelligence
21 entries found. Displaying page 1 of 2.
Updated on Aug 21, 2023
Alert level: severe
Updated on Oct 28, 2011
TrojanDownloader:Win32/Banload.ADP is a member of Win32/Banload - a family of trojans that downloads other malware. Banload is usually used to download and install members of the Win32/Banker and Win32/Bancos families onto affected computers. Win32/Banker and Win32/Bancos are trojans that steal banking credentials and other sensitive data, and send it back to a remote attacker.
Alert level: severe
Updated on May 18, 2012

TrojanProxy:Win32/Banker.O is a trojan that downloads a malicious JScript file. The downloaded file, detected as TrojanProxy:JS/Banker.N, redirects your browser traffic through an attacker-controlled proxy server.

Alert level: severe
Updated on Feb 07, 2012

TrojanSpy:Win32/Bancos.AFY!cfg is a malicious JScript proxy auto-config file that may redirect the user's browser traffic through an attacker-controlled proxy server.

Alert level: severe
Updated on Aug 18, 2016

Microsoft Defender Antivirus detects and removes this threat.

This threat doesn’t have the typical ‘execute-a-binary-malware-payload-at-the-end-and-then-done’ routine that we often see. We have observed this threat being distributed as a malicious attachment to spam email.

Find out ways that malware can get on your PC.

Alert level: severe
Updated on May 17, 2012

TrojanDropper:Win32/Banker.J is a trojan that drops a malicious JScript file, detected as TrojanProxy:JS/Banker.N, that may redirect your browser traffic through an attacker-controlled proxy server.

Alert level: severe
Updated on Sep 09, 2005
JS/Kak is a mailer worm that targets computers running certain versions of English or French Microsoft Windows. The worm appends itself as the signature to e-mails sent using Outlook Express. When a user views or previews the e-mail using an e-mail program that supports HTML format and JScript, the worm runs, unless the computer is patched to prevent exploitation of the Windows vulnerability described in Microsoft Security Bulletin MS99-032.
Alert level: severe
Updated on Jul 01, 2011

Trojan:JS/Redirector.GU is the detection for an obfuscated JavaScript that attempts to redirect the browser to the webpage "counterstats.servemp3.com/ml.php".

Alert level: severe
Updated on Apr 11, 2011
Trojan:JS/Nimda.A is a trojan that attempts to open the malicious file “readme.eml” in the current folder. The file “readme.eml” is a malformed multipart MIME formatted message file dropped by Worm:Win32/Nimda, and it contains an encoded copy of Worm:Win32/Nimda.
 
Trojan:JS/Nimda.A takes advantage of a vulnerability corrected by MS01-020 (Incorrect MIME Header Can Cause IE to Execute E-mail Attachment).
Alert level: severe
Updated on Mar 09, 2012

TrojanSpy:Win32/Banker.AEJ!cfg is a malicious JScript proxy auto-configuration file that may redirect the user's browser traffic through an attacker-controlled proxy server.

Alert level: severe
Updated on May 30, 2011

Exploit:JS/Mult.DK is a detection for malicious JavaScript which attempts to exploit a vulnerability in Adobe Reader via the user's web browser.

Alert level: severe
Updated on Aug 01, 2011

Trojan:JS/Redirector.GZ is a generic detection for specific JavaScript that attempts to redirect the affected user's browser to another website. This JavaScript is usually embedded in a malicious or compromised webpage.

Alert level: severe
Updated on May 18, 2024
Alert level: severe
Updated on May 18, 2024
Alert level: severe
Updated on Feb 11, 2014
Windows Defender Antivirus detects and removes this threat.
 
This threat can perform a number of actions of a hacker's choice on your PC.
Alert level: severe
Updated on May 17, 2012

TrojanProxy:JS/Banker.N is a malicious JScript proxy configuration file that may redirect your browser traffic through an attacker-controlled proxy server.

Alert level: severe
Updated on Dec 28, 2014

Windows Defender detects and removes this threat.

This threat is associated with an exploit kit called SweetOrange. It can exploit vulnerabilities in Java, specifically the vulnerability discussed in CVE-2013-0422.

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Dec 14, 2014

Windows Defender detects and removes this threat.

This malware family steals information about your PC, sends it to a malicious hacker, and downloads other malware.

It can be installed on your PC by other malware, or as a result of an exploit, such as Exploit:Win32/CVE-2012-0158.CJ.

Find out ways that malware can get on your PC.

Alert level: severe
Updated on Jul 14, 2015

Windows Defender detects and removes this threat.

This threat can collect your sensitive information and send it to a malicious hacker.

Find out ways that malware can get on your PC.

Alert level: severe
Updated on Jun 23, 2016

Windows Defender detects and removes this threat.

This threat family uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Exxroute, Ransom:Win32/Cerber, and drop variants of Win32/Gamarue.

You might get this threat if you visit a malicious or hacked website, or click a malicious link in an email.

Alert level: severe