ALIASES:

Trojan Horse(Symantec), Mal/TibsPk-D(Sophos), Email-Worm.Win32.Zhelatin.rp(Kaspersky), WORM/Zhelatin.Gen(Avira), W32/Tibs.E.gen!Eldorado (generic(F-Prot), Tibs-Packed(McAfee)

 PLATFORM:

Windows 98, ME, NT, 2000, XP, Server 2003

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Others

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  TECHNICAL DETAILS

Heuristic Detection

This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware:

If your Trend Micro product detects a file under this detection name, do not execute the file. Delete it immediately especially if it came from an untrusted or an unknown source (e.g., a Web site of doubtful nature).

NOTES:

This report originally appears in this link, published on November 29, 2007.

  SOLUTION

Minimum Scan Engine: 8.500
FIRST VSAPI PATTERN FILE: 8.730.04
FIRST VSAPI PATTERN DATE: 24 Jan 2012
VSAPI OPR PATTERN File: 8.731.00
VSAPI OPR PATTERN Date: 24 Jan 2012

For Trend Micro Customers

Scanning your system with your registered Trend Micro security solution removes this malware.

Trend Micro products are powered by the Trend Micro™ Smart Protection Network™, a technology designed to protect you from all kinds of online security threats, regardless of type, attack vector, or behavior.

If you suspect a false positive (i.e. you believe the detected file to be non-malicious), kindly submit a sample of the detected file through the following channels for analysis:

  • For premium customers, click here.
  • For non-premium customers, click here.

For Non-Trend Micro Customers

You may download, install, and scan your system with HouseCall, our highly popular and capable on-demand scanner for identifying and removing viruses, Trojans, worms, unwanted browser plug-ins, and other malware.


Did this description help? Tell us how we did.