1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Malicious Site: Trojan.Gen.2

Malicious Site: Trojan.Gen.2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects file downloads associated with Trojan.Gen.2.

Additional Information

Trojan.Gen.2 is a generic detection for many individual but varied Trojans for which specific definitions have not been created. A generic detection is used because it protects against many Trojans that share similar characteristics.

Trojan horse programs pose as legitimate programs or files that users may recognize and want to use. They rely on this trick to lure a user into inadvertently running the Trojan. Often a Trojan will mimic a well known legitimate file name or pose as a particular type of file, like a .jpg or .doc file to trick a user.

Distribution of Trojans on to compromised computers occurs in a variety of ways. From email attachments and links to instant messages, drive-by downloads and being dropped by other malicious software. Once installed on the compromised computer, the Trojan begins to perform the predetermined actions that it was designed for.

Affected

  • Microsoft Windows XP

Response

No further action is required but you may wish to perform some of the following actions as a precautionary measure.
Run the Norton Power Eraser. (home users)
Run the Symantec Power Eraser. (business users)
Update your product definitions and perform a full system scan.
Submit suspicious files to Symantec for analysis.

If you believe that the signature is reported erroneously, please read the following:
Report a potential false positive to Symantec.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube