Microsoft Security Intelligence
500 entries found. Displaying page 1 of 25.
Updated on Apr 11, 2011
TrojanDownloader:Win32/Agent!D529 is a Trojan downloader that drops a file onto the infected computer and attempts to download unwanted software from a remote Web site. The content could include anything from additional downloader Trojans to imitation security programs.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Renos.CM is a variant of Win32/Renos, a family of trojan downloaders that automatically download unwanted software such as SpySheriff, SpyAxe, SpyFalcon, SpyDawn, SpywareStrike, and other similarly named programs. These programs typically present erroneous warnings claiming the system is infected with spyware and offer to remove the alleged spyware for a fee. In some cases, the programs may also cause system instability.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Poisonvy!JPG is a malicious JPG file that contains code that attempts to exploit vulnerabilities in GDI in order to download additional malware onto the vulnerable machine. In the wild, this exploit code has been observed attempting to download Backdoor:Win32/Poisonivy.E. Please note, however, that in this example, the malicious code failed to exploit this vulnerability, and thus the trojan-downloading payload remains only intended.
For more information on these vulnerabilities, please see Microsoft Security Bulletin MS08-021.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Small.E repeatedly accesses a remote website in an attempt to download and install malicious or unwanted software. The Trojan attempts to hide its presence on the system and continually refreshes the registry edits made to lower security settings.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Horst.H is a trojan downloader component of the Horst malware family.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Renos.Y is a detection for a trojan that connects to certain websites and downloads other unwanted software and malware, such as Trojan:Win32/FakeSecSen, Trojan:Win32/Bohmini and other Win32/Renos components.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:JS/Multibreach.B is a detection for specially-crafted web pages that use JavaScript to download additional malware components based on the browser's vulnerability to specific exploits. These web pages are designed to trigger the browser vulnerabilities, thereby allowing malware to be downloaded into the system.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:VBS/Lnkget.D is a detection for VBS files that may be downloaded by TrojanDownloader:Win32/Lnkget.D. TrojanDownloader:Win32/Lnkget.D is a detection for shortcuts which connect to an FTP server and download and execute arbitrary VBScript files. These downloaded files have in turn generally downloaded and executed game password stealing malware, such as variants of the Win32/Helpud family.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Phagent.A is a DLL file that contains code to download a file from the Internet whenever the user attempts to make a dial-up connection.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Renos.BAO is a trojan that can download and execute arbitrary files. It has been observed in the wild downloading rogue security software such as members of the Trojan:Win32/FakePlus and Win32/Paduds families.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Small.gen!AW is a program that silently downloads and executes arbitrary files without the affected user’s consent. Installation details and the files downloaded and executed may vary from instance to instance because of the generic nature of the detection.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Vtimrun.A is a trojan that connects to a remote server to retrieve additional commands and download additional malware.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:ASX/Wimad.AE is a detection for malicious Windows media files that are used in order to encourage users to download and execute arbitrary files on an affected machine. When opened with Windows Media Player, these malicious files open a particular URL in a web browser. 
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:ASX/Wimad is a detection for malicious Windows media files that are used in order to encourage users to download and execute arbitrary files on an affected machine.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Dogkild.D is a trojan that downloads and executes arbitrary files from a remote host. It has been designed to deliberately compromise particular System Restore hardware and software.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Frethog.C is a variant of a large family of password-stealing trojans that target confidential account data from Massive Multiplayer Online Role Playing Games (MMORPG) such as World of Warcraft (WoW) and may be installed by variants of Worm:Win32/Taterf.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:ASX/Wimad is a detection for malicious Windows media files that are used in order to encourage users to download and execute arbitrary files on an affected machine. When opened with Windows Media Player, these malicious files open a particular URL in a web browser.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Renos.JM is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level: severe
Updated on Apr 11, 2011
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Ufraie.A is a trojan downloader, which retrieves an encoded set of URLs from a control server. It then downloads and executes arbitrary files from the retrieved URLs. In the wild, Win32/Ufraie.A has been observed to download variants from Win32/Bredolab, Win32/Harnig, and other families.
Alert level: severe