Threat Description



Category: Malware
Type: Trojan-Spy
Platform: W32
Aliases: Trojan-Spy, Trojan-Spy:w32


This type of trojan secretly installs spy programs and/or keylogger programs.


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.

Suspect A False Alarm?

If you suspect a file has been incorrectly identified as malicious, (that is, it is a False Alarm or a False Positive), please first ensure your F-Secure security program is up-to-date with the latest detection database updates, then rescan the suspect file.

If you continue to suspect a False Alarm, you may submit a sample of the suspect file to our Security Labs for further analysis via the Sample Analysis System (SAS).

Further actions

Various trojans may compromise system security by forwarding authentication information (logins and passwords, credit card numbers, etc.) to malicious parties. It is therefore very important to change all authentication details after disinfection, to protect against further misuse.

If your credit card number has been stolen or your bank account information has been compromised, it is recommended to contact your credit card company or bank for help.

Data theft may be legally classified as serious abuse in your jurisdiction; you may wish to contact the local cybercrime authorities for investigation. In this case, do not perform any disinfection actions on your computer before it is inspected by the authorities.

Technical Details

A Trojan-Spy is a type of trojan with a wide range of capabilities, including performing keylogging, monitoring processes on the computer and stealing data from files saved on the machine.

A Trojan-Spy will searches for specific files or data on an infected computer, which can be forwarded to, or retrieved by, the attacker. The type of information sought varies: some trojans try to locate 'key' files that contain authentication information for certain programs or services; others steal the serial numbers of software installed on an infected system.


Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Scan & clean your PC

F-Secure Online Scanner will scan and clean your PC in just a few minutes for free

Learn More