Threat Description

Trojan (Generic)

Details

Aliases: trojan.generic.[variant], gen:trojan.[variant]
Category: Malware
Type: Trojan
Platform: W32

Summary


A Generic Detection of a file or program that appears to have trojan-like features or behavior.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

Contact Support

For further assistance, F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for more assistance.


Suspect a file is malicious?

If in doubt, or in cases where a legitimate file is suspected to contain malicious code, please send a sample to F-Secure Security Labs via the Sample Analysis System (SAS) for analysis. You may want to refer to the following Support articles for more details:

Or Contact Support for further assistance.





Suspect a False Alarm (FA)?

Occassionally, a legitimate program or file containing code sufficiently similar to a known malware signature will inadvertently trigger a False Alarm or False Positive.

For example, 'tmp.edb' and other '.edb' files stored at the location 'C:\WINDOWS\SoftwareDistribution\DataStore\Logs\' may be unintentionally detected as malicious by various security programs.

If the suspect file is known to be legitimate, it may be excluded from scanning with the following instructions:

Microsoft also provides enterprise-level instructions for excluding the file in question from scanning by antivirus software:






Technical Details


Named after the Trojan Horse of Greek legend, a trojan is a program that performs, or appears to perform, one function, but in reality executes another action without the user's knowledge or consent.

Usally, a trojan program will either have (or pretend to have) a functionality that offers a useful service to the user - for example, a screensaver, a service pack or application update and so on - to encourage the user to install the program. Some trojans may use similar or even identical styles, colors and designs as those of legitimate programs, to further deceive the user. Once installed, the trojan performs its actual, unauthorized function, which can range from mildly annoying pranks (like changing desktop icon positions), to serious, user-inhibiting functions (like disabling the keyboard or mouse) to critically destructive actions (like erasing files or stealing data).

A trojan that is identified by a detection using the format 'trojan.generic.[variant]', 'trojan.gen.[variant]' or similar indicates that the program was identified by a Generic Detection. Unlike single-file detections which identify unique files, a Generic Detection looks for broadly applicable code or behavior characteristics to evaluate a file's potential for causing harm; a single Generic Detection can therefore efficiently identify dozens, or even hundreds of malware.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Scan & clean your PC

F-Secure Online Scanner will scan and clean your PC in just a few minutes for free

Learn More