Trojan Downloader

A Trojan downloader is usually a standalone program that attempts to secretly download and run other files from remote web and FTP sites. Typically, Trojan downloaders download a wide variety of Trojans and backdoors and activate them on an affected system without your approval.

When run, a Trojan downloader installs itself onto the computer system and waits patiently until an Internet connection becomes available. After that, it attempts to connect to a web or FTP site, downloads a specific file or files, and runs them.
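The connect, download and run sequence described above leaves a recognizable trail in endpoint telemetry. The following detection sketch is an added example, not part of the original page; the event records are constructed and their field names are hypothetical, not any product's schema.

```python
from datetime import datetime, timedelta

# Constructed, simplified endpoint events; field names are hypothetical.
TEMP = r"C:\Users\a\AppData\Local\Temp"
EVENTS = [
    {"ts": "2024-01-10T09:00:01", "type": "net_connect", "pid": 410,
     "image": TEMP + r"\upd.exe", "dest": "files.example.test:80"},
    {"ts": "2024-01-10T09:00:03", "type": "file_create", "pid": 410,
     "target": TEMP + r"\svc32.exe"},
    {"ts": "2024-01-10T09:00:05", "type": "process_create", "pid": 522,
     "ppid": 410, "image": TEMP + r"\svc32.exe"},
    # Benign: a browser saves a document that is never executed.
    {"ts": "2024-01-10T09:05:00", "type": "net_connect", "pid": 700,
     "image": r"C:\Program Files\Browser\browser.exe",
     "dest": "docs.example.test:443"},
    {"ts": "2024-01-10T09:05:02", "type": "file_create", "pid": 700,
     "target": r"C:\Users\a\Downloads\report.pdf"},
    # Benign: a process with no network activity writes and starts a helper.
    {"ts": "2024-01-10T09:10:00", "type": "file_create", "pid": 800,
     "target": TEMP + r"\helper.exe"},
    {"ts": "2024-01-10T09:10:01", "type": "process_create", "pid": 801,
     "ppid": 800, "image": TEMP + r"\helper.exe"},
]

def find_download_and_run(events, window=timedelta(seconds=60)):
    """Flag processes that connect out, write a file, then launch that file."""
    connected = {}   # pid -> first remote destination seen
    written = {}     # lower-cased path -> (writer pid, write time)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "net_connect":
            connected.setdefault(ev["pid"], ev["dest"])
        elif ev["type"] == "file_create" and ev["pid"] in connected:
            written[ev["target"].lower()] = (ev["pid"], ts)
        elif ev["type"] == "process_create":
            hit = written.get(ev["image"].lower())
            # Same process wrote the file and spawned it shortly afterwards.
            if hit and hit[0] == ev["ppid"] and ts - hit[1] <= window:
                alerts.append({"downloader_pid": hit[0],
                               "source": connected[hit[0]],
                               "payload": ev["image"]})
    return alerts

if __name__ == "__main__":
    for alert in find_download_and_run(EVENTS):
        print(alert)
```

Only the first event group is flagged; the browser download that is never executed and the helper started by a process with no network activity are not.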

If your system has a Trojan Downloader aboard, it means your system is running amuck with malicious files and programs. Before we explain how we’ve come to this conclusion, let’s first define what a basic Trojan is.

In cyberspace, a Trojan or Trojan horse is the label given to a type of malicious program infamous for using guises to trick PC users into opening the front door, i.e. clicking and thus authorizing the download of its files and program. In other words, a Trojan horse presents itself as an innocent or helpful tool, when in fact the malicious code or scripting it contains is designed to carry out the criminal intent of its creator. Criminal intent could involve theft of data or misuse of system resources to jam up the traffic of targeted computer systems, a so-called DoS (Denial of Service) attack.

A Trojan can be built to carry out a specific attack or behavior, and the identifier or detection assigned may give a hint as to what this entails. To trick an unwary PC user into clicking and downloading its files, a Trojan may be hidden behind a fake Adobe Flash update, Windows security alert or video codec component prompt. Trojans can also be hidden behind a tantalizing link or tease planted in a cleverly written spam email or on the friendly grounds of social networking platforms. Malware makers exploit legitimate processes to position their poisonous links atop popular search engine results pages, turning the Internet into a minefield. The wrong step could land a PC user on a compromised website housing a Trojan Downloader.

Trojan Downloaders differ from other Trojan types because they are able to carry out a drive-by attack, or automatic download, without further aid from the victim. Automatic download is made possible after the Trojan Downloader exploits scripting in the back end of the compromised website. If the computer system of the web-page visitor (i.e. PC user) is not properly guarded, the Trojan Downloader will, upon landing, automatically download malicious files without any further help or action from the victim.

Most malicious programs, Trojans included, are designed to stay resident and work in the background while the victim is none the wiser. Trojans are stealthy and can make system changes comparable to those of an expert programmer or IT expert. Some behaviors or system changes you can expect include:

  • Opening of a two-way port to communicate with one or more command and control servers (C&C):
    • Interception of new instructions
    • Interception of more malicious programs to install and run, including a backdoor, keylogger or rogue security program
    • Transmission of stolen data:
      • Passwords, usernames, PINs, certificates, etc., stored in the browser cache
      • Email addresses stored on the hard drive or in HTML pages
      • System data identifying other vulnerabilities that could aid in future strategies and malicious attacks
  • A configuration file may be downloaded that changes the infected system as follows:
    • Adds registry keys, including one looping the malicious executable so it runs every time Windows is started
    • An algorithm may be run to seek and destroy files updating or running security programs and measures
    • Administrative controls disabled to inhibit those hoping to stop the attack
  • The browser will be hijacked so it can:
    • Block traffic to helpful malware removal sites and forums
    • Reroute traffic to malicious websites promoting purchase of fake online scanners and rogue security programs
    • Reroute traffic to arbitrary search engines that encourage click fraud and pay-per-click residuals for a cybercriminal

Payloads are dependent on the wishes of the malware maker or buyer and, at a minimum, include one or more of the following:

  • Theft of data
  • Installation of more malicious programs, especially the opening of a backdoor to give a hacker remote access
  • Presentation of a rogue security program
  • Installation of a keylogger to capture keystrokes being entered into web-based forms, especially those of a financial nature

While some malware can be manually removed, malicious programs fortified by rootkit technology may warrant use of professionals, i.e. tools or IT personnel. Rootkit technology helps mask and bury malicious files in the root of the infected system where many antivirus programs cannot scan. Rootkit technology masks malicious files so they read the same as legitimate operating system files. Removing the wrong file could easily corrupt the hard drive and leave the victim staring at the blue screen of death (BSOD). 

In the absence of a proper alert or warning from a trusted scanning tool, weird system behaviors may be the only hint a malicious program or Trojan is aboard. Therefore, if your system suddenly runs slow, web pages freeze up or you are experiencing reroutes to unwanted URLs, these could all be signs of an intrusion. At any hint of an intrusion, you should grab hold of a reliable and stealth scanning tool to dig deep to uncover and annihilate found intruders, even the resistant ones.


There are currently 125 articles listed on trojan downloader.

| Name | Threat Level | Detection Count | Date |
|---|---|---|---|
| BazaFlix | | | May 28, 2021 |
| Carp Downloader | | | May 7, 2020 |
| Chanitor | 90 % (High) | 586 | February 27, 2015 |
| CSPY Downloader | | | November 4, 2020 |
| DOUBLEDRAG | | | May 5, 2021 |
| DOUBLEDROP | | | May 5, 2021 |
| Downloader-BWP | | | November 16, 2009 |
| Downloader-CBG | | | January 7, 2010 |
| Downloader-cew-auc88f8f761b11 | | | July 4, 2011 |
| Downloader.Agent2.BDGM | 90 % (High) | 275 | July 26, 2012 |
| Downloader.Ajuxery | 70 % (High) | 3 | April 23, 2014 |
| Downloader.AUO | 90 % (High) | 2 | April 24, 2014 |
| Downloader.Bancos!gen | | | May 10, 2011 |
| Downloader.Blackbeard | 90 % (High) | 7 | May 6, 2014 |
| Downloader.Castov | 10 % (Normal) | 8,701 | May 28, 2013 |
| Downloader.Castov.B | 70 % (High) | 13,535 | August 13, 2013 |
| Downloader.Chepvil | 80 % (High) | 0 | September 23, 2011 |
| Downloader.Dashikut | 20 % (Normal) | 387 | August 2, 2013 |
| Downloader.Delphi | 90 % (High) | 0 | October 19, 2009 |
| Downloader.Drepitt | 90 % (High) | 495 | December 23, 2011 |
| Downloader.Dromedan | 100 % (High) | 7 | October 21, 2011 |
| Downloader.Eldorado.C | 90 % (High) | 61 | December 13, 2007 |
| Downloader.Generic14.HTD | 70 % (High) | 25,915 | February 16, 2015 |
| Downloader.Krakrues | 80 % (High) | 0 | November 24, 2011 |
| Downloader.Liftoh | 50 % (Medium) | 93 | May 10, 2013 |