POSSIBLE_MOVLY-1
Trojan Horse(Symantec), Mal/Generic-A(Sophos), Trojan-Dropper.Win32.VB.afc(Kaspersky), TR/Dropper.Gen(Avira), W32/DropperX.JPO (exact(F-Prot), Generic Dropper(McAfee)
Windows 2000, Windows XP, Windows Server 2003
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This is the Trend Micro detection for suspicious files that manifest similar behavior and characteristics as the following malware:
If your Trend Micro product detects a file under this detection name, do not execute the file. Delete it immediately especially if it came from an untrusted or an unknown source (e.g., a Web site of doubtful nature). However, if you have reason to believe that the detected file is non-malicious, you can submit a sample for analysis. Detailed analysis will be done on submitted samples, and corresponding removal instructions will be provided, if necessary.
SOLUTION
NOTES:
Submitting Samples
If you identified suspicious files, you may submit them to us. Sample files for submission must be in ZIP format and should be password-protected. To submit a ZIP file, file compression software such as Winzip must be used. A trial version of Winzip is available here.
To compress a file, please follow the steps below:
- Right-click on the file and select Add to Zip.
- Enter a file name for the zip file.
- On the Options menu, choose Encrpyt. In the input box, type virus. This serves as the password for the zip file.
- Send the sample through the following channels:
• For Trend Micro Premium customers, please submit a virus support case by clicking here:
https://success.trendmicro.com/
• For Trend Micro non-Premium customers, please contact your local support network by visiting your Trend Micro regional website.
• For non-Trend Micro customers, scan your system with HouseCall, our highly popular and capable on-demand scanner for identifying and removing viruses, Trojans, worms, unwanted browser plug-ins, and other malware.
Did this description help? Tell us how we did.