F-Secure
Tools
Trojan:W32/Trojan
| Name : | Trojan:W32/Trojan |
| Detection Names : |
Gen:trojan |
| Category: | Malware |
| Type: | Trojan |
| Platform: | W32 |
Summary
A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.
Disinfection
Automatic Disinfection
Starting from F-Secure Anti-Virus (FSAV) version 5.40, standalone malware (backdoors, worms, trojans, etc.) is automatically removed. FSAV automatically renames malware files to prevent them from being executed.
In rare cases, automatic disinfection is not possible and the user must instruct FSAV to perform disinfection (renaming and/or deleting the infected file).
In special cases, the user is recommended to perform disinfection using specific tools provided by F-Secure. The tools can be downloaded from:
- ftp://ftp.f-secure.com/anti-virus/tools/
- http://www.f-secure.com/download-purchase/tools.shtml
In some cases F-Secure Anti-Virus may not automatically disinfect a system. If so, please visit our Support pages at:
- http://support.f-secure.com/enu/home/virusproblem/howtoclean/
Windows System Restore Issues
If the computer is running on the Windows ME or XP operating systems, disabling the System Restore feature before disinfection is recommended. This is to avoid possible re-infection by a threat that has just been disinfected, as the System Restore feature may have unknowingly saved a copy of the infected file during its normal procedures. If the System Restore feature is active, it may then copy the infected file back to the hard drive after the user or an antivirus program has renamed or deleted it.
Instructions on how to disable the System Restore feature are here:
- Windows ME: http://www.f-secure.com/v-descs/sfc_dis.shtml
- Windows XP: http://www.f-secure.com/v-descs/sfc_dis1.shtml
Once disinfection is complete, re-enabling the System Restore feature is recommended. This will allow the user to restore the system to a stable configuration in the event that a crash or incompatibility issue occurs in the future.
F-Secure Anti-Virus
F-Secure Anti-Virus can be purchased from our online web store or from authorized distributors. A 30-day limited trial verson of F-Secure Anti-Virus may be downloaded from our website:
- http://www.f-secure.com/download-purchase/
All the latest versions of FSAV can automatically download the latest signature database updates. These updates can also be manually downloaded and installed from our web or ftp sites:
- http://www.f-secure.com/download-purchase/updates.shtml
Contacting F-Secure for help
If you have problems with disinfection, please consult a computer technician or send a message (and a sample) to our Response Lab. We have guidelines for sending virus samples, hoaxes and virus-related questions to F-Secure Response Lab published here:
- http://support.f-secure.com/enu/home/virusproblem/sample/
Starting from F-Secure Anti-Virus (FSAV) version 5.40, standalone malware (backdoors, worms, trojans, etc.) is automatically removed. FSAV automatically renames malware files to prevent them from being executed.
In rare cases, automatic disinfection is not possible and the user must instruct FSAV to perform disinfection (renaming and/or deleting the infected file).
In special cases, the user is recommended to perform disinfection using specific tools provided by F-Secure. The tools can be downloaded from:
- ftp://ftp.f-secure.com/anti-virus/tools/
- http://www.f-secure.com/download-purchase/tools.shtml
In some cases F-Secure Anti-Virus may not automatically disinfect a system. If so, please visit our Support pages at:
- http://support.f-secure.com/enu/home/virusproblem/howtoclean/
Windows System Restore Issues
If the computer is running on the Windows ME or XP operating systems, disabling the System Restore feature before disinfection is recommended. This is to avoid possible re-infection by a threat that has just been disinfected, as the System Restore feature may have unknowingly saved a copy of the infected file during its normal procedures. If the System Restore feature is active, it may then copy the infected file back to the hard drive after the user or an antivirus program has renamed or deleted it.
Instructions on how to disable the System Restore feature are here:
- Windows ME: http://www.f-secure.com/v-descs/sfc_dis.shtml
- Windows XP: http://www.f-secure.com/v-descs/sfc_dis1.shtml
Once disinfection is complete, re-enabling the System Restore feature is recommended. This will allow the user to restore the system to a stable configuration in the event that a crash or incompatibility issue occurs in the future.
F-Secure Anti-Virus
F-Secure Anti-Virus can be purchased from our online web store or from authorized distributors. A 30-day limited trial verson of F-Secure Anti-Virus may be downloaded from our website:
- http://www.f-secure.com/download-purchase/
All the latest versions of FSAV can automatically download the latest signature database updates. These updates can also be manually downloaded and installed from our web or ftp sites:
- http://www.f-secure.com/download-purchase/updates.shtml
Contacting F-Secure for help
If you have problems with disinfection, please consult a computer technician or send a message (and a sample) to our Response Lab. We have guidelines for sending virus samples, hoaxes and virus-related questions to F-Secure Response Lab published here:
- http://support.f-secure.com/enu/home/virusproblem/sample/
Additional Details
This is the Trojan General Information page.
Named after the Trojan Horse of Greek legend, a trojan is a malicious program that performs, or appears to perform, one function, but in reality executes another action without the user's knowledge or consent. Quite often, the trojan will either have or pretend to have a functionality that offers a useful service to the user - like a screensaver, a utility program, a service pack or application update and so on - in order to encourage the user to install the trojan.
Once the trojan is installed however, it performs its actual, unauthorized function, which ranges from mildly annoying pranks (like changing desktop icon positions), to serious, user-inhibiting functions (like disabling the keyboard or mouse) to critically destructive actions (like erasing files or stealing data).
The majority of trojans today carry a payload designed to cause harm.
Trojans can be further subdivided based on how they function once they are installed onto a system, or how they deliver their payload:
Named after the Trojan Horse of Greek legend, a trojan is a malicious program that performs, or appears to perform, one function, but in reality executes another action without the user's knowledge or consent. Quite often, the trojan will either have or pretend to have a functionality that offers a useful service to the user - like a screensaver, a utility program, a service pack or application update and so on - in order to encourage the user to install the trojan.
Once the trojan is installed however, it performs its actual, unauthorized function, which ranges from mildly annoying pranks (like changing desktop icon positions), to serious, user-inhibiting functions (like disabling the keyboard or mouse) to critically destructive actions (like erasing files or stealing data).
The majority of trojans today carry a payload designed to cause harm.
Trojans can be further subdivided based on how they function once they are installed onto a system, or how they deliver their payload: