TrojanDownloader:Win32/Renos.FJ is a trojan that connects to certain Web sites to download other malware. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Renos.FU is a trojan that connects to certain websites to download other malware or adware. This may include other TrojanDownloader:Win32/Renos components, and adware such as Adware:Win32/Mysidesearch and Adware:Win32/AdRotator.

TrojanDownloader:Win32/Renos.IG is the detection for a trojan that connect to certain Web sites to download other malware. This may include other TrojanDownloader:Win32/Renos components, and fake antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Renos.BAH is a trojan that connects to certain websites to download other malware or adware. This may include other TrojanDownloader:Win32/Renos components, and adware such as Adware:Win32/Mysidesearch and Adware:Win32/AdRotator.

TrojanDownloader:Win32/Donise.B is a trojan component of TrojanDownloader:Win32/Donise.A. It drops TrojanDownloader:Win32/Donise.A and another file that may be detected as Trojan:Win32/Lodap!rts.

TrojanDownloader:Win32/Renos.GF is a generic detection for a family of trojans that connect to certain websites in order to download other malware. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Renos.LL is a detection for trojans that connect to certain Web sites to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDownloader:Win32/Banload.IU is the detection for malware that downloads and executes other malware from a remote server. The downloaded files are usually members of the TrojanDownloader:Win32/Banload or TrojanSpy:Win32/Bancos family.

TrojanDownloader:Win32/Zlob.APM is a generic detection for the DLL component of the TrojanDownloader:Win32/Zlob family, a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The TrojanDownloader:Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

Trojan:Win32/Cutwail.AK!sys is a trojan that usually arrives in a system with TrojanDownloader:Win32/Cutwail.S. Its primary function is to inject TrojanDownloader:Win32/Cutwail.S into the services.exe process in order to bypass the firewall.

TrojanDownloader:Win32/Rochap.F is a trojan component dropped and installed by TrojanDropper:Win32/Rochap.F. It connects to a certain Web site to download another malware, which is detected as Trojan:Win32/Rochap.B.

TrojanDownloader:BAT/Lnkget.E is a shortcut file that connects to a specific remote server to download arbitrary files, which may be detected as malware.

TrojanDownloader:Win32/Matcash.N is a trojan that connects to certain remote Web sites and sends information about the affected system. Based on information it sends, it downloads and executes a file.

TrojanDownloader:Win32/Small.gen!K is a generic detection for a program that silently downloads and executes arbitrary files without the affected user’s consent. Installation details and the files downloaded and executed may vary from instance to instance of this detection.

TrojanDownloader:ASX/Wimad.CA is a detection for malicious Windows media files that are used to encourage users to download and install possibly unwanted programs on an affected machine. When opened with Windows Media Player, these malicious files open a particular URL in a Web browser.

TrojanDownloader:Win32/AY attempts to download a file from a remote Web site and run that file on the impacted system. This file may be named 'parad.raw.exe' and copies of the file may be created as follows:

 

C:\<random name>.exe
<system folder>\parad.raw.exe
<system folder>\taskdir.dll
<system folder>\taskdir~.exe
<system folder>\parad.raw.exe

TrojanDownloader:Win32/Stration.gen is generic detection for a family of trojans that download and run variants of the Win32/Stration worm. Win32/Stration is a family of mass-mailing email worms that send themselves to addresses obtained from a wide range of file types found on the infected system. The e-mail message composed by the worm may masquerade as a failure message or as a scanning tool.

TrojanDownloader:Win32/Eldycow.gen!A is a Trojan that receives various instructions to perform on the affected machine from remote hosts. These instructions often include directions to download and execute arbitrary files. In the wild, TrojanDownloader:Win32/Eldycow.gen!A has been observed to download a number of different Trojans from various remote locations, including TrojanDownloader:Win32/Wixud, Trojan:Win32/Wopla, VirTool:WinNT/Rootkitdrv.CE, TrojanDownloader:Win32/Nuwar, PWS:Win32/Cimuz and Trojan:Win32/Adialer.LA.

TrojanDownloader:ASX/Wimad is a detection for malicious Windows media files that are used in order to encourage users to download and execute arbitrary files on an affected machine. When opened with Windows Media Player, these malicious files open a particular URL in a web browser. 

TrojanDownloader:Win32/Renos.gen!Z is a generic detection for variants in the Win32/Renos trojan family. Win32/Renos is a family of trojans that displays messages reporting that the user's current security software is malfunctioning and that new security software should be downloaded. The message is false and misleading, and it is intended to encourage users to download and/or purchase third-party software.