Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Trojan


Aliases:


Trojan
trojan:w32/[variant], Trojan.win32

Malware
Trojan
W32

Summary

A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.



Disinfection & Removal

Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details

When searching our Virus Descriptions database for a specific program (e.g., Trojan:W32/Example.A), you may be directed to this page if the overview below sufficiently describes the program.

Alternatively, you may be directed to this page if no description matching that specific query is currently available. You can submit a sample of the suspect file to our Response Lab for further analysis via:


About Trojans

Named after the Trojan Horse of Greek legend, a trojan is a malicious program that performs, or appears to perform, one function, but in reality executes another action without the user's knowledge or consent.

Quite often, the trojan will either have or pretend to have a functionality that offers a useful service to the user - like a screensaver, a utility program, a service pack or application update and so on - in order to encourage the user to install the trojan.

Once the trojan is installed however, it performs its actual, unauthorized function, which ranges from mildly annoying pranks (like changing desktop icon positions), to serious, user-inhibiting functions (like disabling the keyboard or mouse) to critically destructive actions (like erasing files or stealing data).

The majority of trojans today carry a payload designed to cause harm.

Trojans can be further subdivided based on how they function once they are installed onto a system, or how they deliver their payload:


About Trojan-Ransoms

A specialized type of trojan is Trojan-Ransom, which may be used to specifically identify malicious programs which attempt to steal, delete or encrypt the user's own data files; the user must subsequently 'ransom' these files back from the attacker, usually by monetary payment.


Generic Trojan Detections

Generic Detections are a type of detection used by antivirus programs to identify files with trojan-like behavior. Unlike single-file detections, Generics do not identify individual malware; instead, they evaluate suspect files based on their similarity to known malicious programs. If a file is similar to a previously identified threat, it is flagged as a potential security risk.

A Generic Detection may use varying naming conventions. Some examples are:

  • Trojan.Generic.3545219
  • Gen:trojan.v
  • Trojan.autorun.gen

For more information about Generic Detections, please see the Generic Detection description


More

For more information, see Terminology: Trojan and Terminology: Generic Detection.







Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.

Scan and clean your PC




F-Secure Online Scanner will scan and clean your PC in just a few minutes for free