|Short Description||It may be exploiting a legitimate .dll file on the infected system.|
|Distribution Method||Via social engineering, unsafe browsing, etc.|
|Detection tool||Download SpyHunter, to See If Your System Has Been Affected By Trojan:Win32/Colisi.F|
Trojan:Win32/Colisi.F is a Trojan horse that has several variants. According to security researchers, the threat can be located in the Google directory of the infected system. The main file of the Trojan most likely is GoogleUpdate.dll. Since the .dll file appears to be legitimate and a part of Google Chrome, malware such a Trojan horse can be exploiting it. As we have written many times, malicious software can deploy legitimate .exe and .dll files for its dubious processes.
Trojan:Win32/Colisi.F Threat Description
Our research indicates that the Trojan has various aliases and variants. Furthermore, different AV solutions appear to have different detection names. Trojan:Win32/Colisi.F may be distributed together with Trojan:Win32/Colisi.B.
One user has shared that the two Trojans were detected in the Google directory on his computer after he had upgraded to Windows 10. The two detections happened 14 days apart from one another.
A malware scan by VirusTotal on Trojan:Win32/Colisi.A shows that the Trojan’s detection rate is pretty high:
- Microsoft detects it as Trojan:Win32/Colisi.A.
- ESET-NOD32 detects it as Win32/ExtenBro.AZ.
- AVG detects it as Atros.ADXF.
- Avast detects it as Win32:Agent-AYUR [Trj].
- Kaspersky detects it as Trojan.Win32.ExtenBro.afs.
- McAfee detects it as Trojan-FGMU!286F29CBF928.
- Symantec detects it as Trojan Horse.
- TrendMicro detects it as TROJ_KILIM.SMCX.
- Malwarebytes detects it as TrojanDownloader.
As a total, 30 of 57 anti-virus programs detect the Trojan.
Trojan:Win32/Colisi.F Distribution Path
Trojan horses are mostly spread via some form of social engineering, trying to trick users into thinking that it is a legitimate program. Other distribution tactics involve clicking on corrupted links and suspicious email attachments, executing drive-by downloads and downloading infected files.
The most common Trojans that affect average users appear to be:
- Trojan-Downloaders. Trojan-Downloaders are designed to download and install the latest versions of malware onto the system, such as Trojans, PUPs, and adware.
- Trojan-Droppers. Trojan-Droppers are deployed by cyber criminals to install Trojans and computer viruses, or in other cases to prevent their detection.
- Trojan-Spies. Trojan-Spy programs spy on user activities and track the data entered via the keyboard. They can also take screenshots and obtain the list of running applications.
- Trojan-Mailfinder. They are designed to collect email addresses from users. Collected emails can then be used in aggressive spam campaigns.
Of course, there are many types of Trojan horses. The question is…
How to Stay Protected against Trojans and Remove Trojan:Win32/Colisi.F?
The safest way to deal with the threat is using professional help. You can either call a friend that knows his way around PC issues and particularly malware, or you can fix the problem yourself. The quickest way to do that is by installing a powerful anti-malware program to scan and clean the system. Additionally, we have provided a removal manual below the article.
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter