TrojanDownloader:Win32/Renos.FJ is a trojan that connects to certain Web sites to download other malware. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Renos.FU is a trojan that connects to certain websites to download other malware or adware. This may include other TrojanDownloader:Win32/Renos components, and adware such as Adware:Win32/Mysidesearch and Adware:Win32/AdRotator.

TrojanDownloader:Win32/Renos.IG is the detection for a trojan that connect to certain Web sites to download other malware. This may include other TrojanDownloader:Win32/Renos components, and fake antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Renos.BAH is a trojan that connects to certain websites to download other malware or adware. This may include other TrojanDownloader:Win32/Renos components, and adware such as Adware:Win32/Mysidesearch and Adware:Win32/AdRotator.

Microsoft security software detects and removes this family of threats.

This family of malware work together to download other malware, including threats from the Win32/Sirefef and Win32/Medfos families. They can also give a malicious hacker backdoor access and control of your PC.

These threats can be installed at the same time as rogue security software, such as Rogue:Win32/Winwebsec.

We have seen the Necurs family being installed by variants of the Blacole family, the Win32/Beebone family, the Win32/Zbot family, and the Win32/Dorkbot family.

Find out ways that malware can get on your PC.

TrojanDownloader:Win32/Donise.B is a trojan component of TrojanDownloader:Win32/Donise.A. It drops TrojanDownloader:Win32/Donise.A and another file that may be detected as Trojan:Win32/Lodap!rts.

TrojanDownloader:Win32/Renos.GF is a generic detection for a family of trojans that connect to certain websites in order to download other malware. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Renos.LL is a detection for trojans that connect to certain Web sites to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Banload.IU is the detection for malware that downloads and executes other malware from a remote server. The downloaded files are usually members of the TrojanDownloader:Win32/Banload or TrojanSpy:Win32/Bancos family.

Trojan:Win32/Cutwail.AK!sys is a trojan that usually arrives in a system with TrojanDownloader:Win32/Cutwail.S. Its primary function is to inject TrojanDownloader:Win32/Cutwail.S into the services.exe process in order to bypass the firewall.

TrojanDownloader:Win32/Rochap.F is a trojan component dropped and installed by TrojanDropper:Win32/Rochap.F. It connects to a certain Web site to download another malware, which is detected as Trojan:Win32/Rochap.B.

TrojanDownloader:Win32/Zlob.APM is a generic detection for the DLL component of the TrojanDownloader:Win32/Zlob family, a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The TrojanDownloader:Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

TrojanDownloader:Win32/Webpwnd.C is detection for specially crafted .NET assemblies used in an attack that exploits a vulnerability in Microsoft DirectShow (CVE-2009-1537).

TrojanDownloader:Win32/Webpwnd.B is detection for specially crafted .NET assemblies used in an attack that exploits a vulnerability in Microsoft DirectShow (CVE-2009-1537).

TrojanDownloader:Win32/Renos.Y is a detection for a trojan that connects to certain websites and downloads other unwanted software and malware, such as Trojan:Win32/FakeSecSen, Trojan:Win32/Bohmini and other Win32/Renos components.

TrojanDownloader:Win32/Horst.H is a trojan downloader component of the Horst malware family.

TrojanDownloader:JS/Multibreach.B is a detection for specially-crafted web pages that use JavaScript to download additional malware components based on the browser's vulnerability to specific exploits. These web pages are designed to trigger the browser vulnerabilities, thereby allowing malware to be downloaded into the system.

TrojanDownloader:ASX/Wimad.AE is a detection for malicious Windows media files that are used in order to encourage users to download and execute arbitrary files on an affected machine. When opened with Windows Media Player, these malicious files open a particular URL in a web browser. 

TrojanDownloader:VBS/Lnkget.D is a detection for VBS files that may be downloaded by TrojanDownloader:Win32/Lnkget.D. TrojanDownloader:Win32/Lnkget.D is a detection for shortcuts which connect to an FTP server and download and execute arbitrary VBScript files. These downloaded files have in turn generally downloaded and executed game password stealing malware, such as variants of the Win32/Helpud family.

TrojanDownloader:Win32/Phagent.A is a DLL file that contains code to download a file from the Internet whenever the user attempts to make a dial-up connection.