Threat description


Platform: W32


PublicEnemy is a simple Java based trojan that was found in October 1997. The trojan does modifications to any class files that are located in the same directory from which the trojan is executed. PublicEnemy is a trojan not a virus and thus is unable to spread by infecting other Java applications.


Automatic action

Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.

More scanning & removal options

More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

When run, PublicEnemy searches the current directory for .class files, and modifies them damaging the file. The .class files damaged by PublicEnemy sometimes remain operational, but should still be restored from backups or reinstalled.

Being Java based trojan the PublicEnemy is capable of executing in almost any platform that has Java runtime environment installed. The trojan is capable of executing on Windows and Linux platforms and in PDA devices which have Java runtime installed.

PublicEnemy is not capable of spreading and it has not been met in the wild. As such, it can not be considered a realistic threat.

Technical Details: Jarno Niemela, February 2002, F-Secure


Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Sample

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More