This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.
Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.
When searching our Virus Descriptions database for a specific program (e.g., Trojan-Downloader:W32/Example.A), you may be directed to this page if the overview below sufficiently describes the program.
Alternatively, you may be directed to this page if no description matching that specific query is currently available. You can submit a sample of the suspect file to our Response Lab for further analysis via:
Trojan-Downloaders are often distributed as part of the payload of another malware, such as a Trojan-Dropper.
Trojan-Downloaders may also be distributed as a file attachment to spam e-mails. The attached programs are typically labelled using legitimate-sounding program or document names, such as 'invoice' or 'accounts.exe', as a simple form of social engineering.
On opening the file attachment, the Trojan-Downloader is installed.
A Trojan-Downloader is a type of trojan that installs itself to the system and waits until an Internet connection becomes available to connect to a remote server or website in order to download additional programs (usually malware) onto the infected computer.
Once its primary download/execution routine is completed, it may also proceed to a secondary payload routine.
For representative examples of Trojan-Downloaders, please see the following descriptions:
For more information, see Terminology: Trojan-Downloader.