TrojanDownloader:Win32/Renos.gen!BE is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Renos.CM is a variant of Win32/Renos, a family of trojan downloaders that automatically download unwanted software such as SpySheriff, SpyAxe, SpyFalcon, SpyDawn, SpywareStrike, and other similarly named programs. These programs typically present erroneous warnings claiming the system is infected with spyware and offer to remove the alleged spyware for a fee. In some cases, the programs may also cause system instability.

TrojanDownloader:Win32/Renos.JM is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Zlob.gen!AD is generic detection for a component of the greater Win32/Zlob malware family. Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

This particular component is used to change the affected user's Internet Explorer Start page.

TrojanDownloader:Win32/Zlob.gen!AX is generic detection for a component of the greater Win32/Zlob malware family. Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

 

This particular component may attempt to download unwanted software.

TrojanDownloader:Win32/Banload.gen!F is a generic detection for a trojan that uses Portuguese installations of Microsoft Internet Explorer to download and execute online banking trojans.

TrojanDownloader:Win32/Zlob.ZWC is generic detection for an ActiveX control component of the Win32/Zlob malware family.

 

Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files. Win32/Zlob is associated with rogue security programs that display misleading warnings, identifying non-existent malware infections.

TrojanDownloader:Java/Jarvanwan.A is a trojan java applet that uses Exploit:Java/ByteVerify.C to download and execute malware on the user's computer.

Win32/Yektel is a family of trojans that display fake warnings of spyware or malware in an attempt to lure the user into installing or paying money to register rogue security products such as Trojan:Win32/FakeXPA. It is downloaded by most variants of Win32/FakeXPA.

TrojanDownloader:ASX/Wimad is a detection for malicious Windows media files that are used in order to encourage users to download and execute arbitrary files on an affected machine. When opened with Windows Media Player, these malicious files open a particular URL in a web browser. 

 

When run, TrojanDownloader:Win32/Renos.HO downloads a file from a specific Web site. Once downloaded, TrojanDownloader:Win32/Renos.HO runs the file and deletes itself.

TrojanDownloader:Win32/Small.ZYP is the detection for malware that download other malware into the system.

TrojanDownloader:JS/SetSlice is a detection for a certain form of JavaScript files that exploit an un-patched Internet Explorer vulnerability (MS06-057) in order to download and execute another malware.

TrojanDownloader:Win32/Renos.JJ is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Zlob.gen!AL is generic detection for a component of the greater Win32/Zlob malware family. Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

TrojanDownloader:Win32/Zlob.CCA is a generic detection of a component of the greater Win32/Zlob malware family. Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software).

 

The Win32/Zlob family is associated with rogue security programs that display misleading warnings regarding non-existent malware installations or infections. Once installed, Win32/Zlob deceives users by displaying alerts, and similar messages that claim that the machine is infected by malware and spyware. It then displays links to purchase rogue Antispyware products. 

The TrojanDownloader:Win32/Zlob.CCA detection is specific to a DLL component from a Win32/Zlob installation. The component is responsible for displaying  fake alerts and messages claiming that the user's system is infected with spyware.

TrojanDownloader:Win32/Bofang.B is a trojan that downloads malware from a predefined remote Web site.

TrojanDownloader:Win32/Snapit.A is a trojan that downloads and executes arbitrary files. In the wild, we have seen this trojan being distributed via the successful exploitation of a vulnerability in the Snapshot Viewer for Microsoft Access (Security Advisory 955179 - http://www.microsoft.com/technet/security/advisory/955179.mspx).

TrojanDownloader:Win32/Small.gen!AO is a program that silently downloads and executes arbitrary files without the affected user’s consent. Installation details and the files downloaded and executed may vary from instance to instance because of the generic nature of the detection.