Analysis by: JessaD
 PLATFORM:

Windows 2000, XP, Server 2003

 OVERALL RISK RATING:
 REPORTED INFECTION:
 SYSTEM IMPACT RATING:
 INFORMATION EXPOSURE:

  • Threat Type: Worm

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  TECHNICAL DETAILS

NOTES:
This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware:

If your Trend Micro product detects a file under this detection name, do not execute the file. Delete it immediately especially if it came from an untrusted or an unknown source (e.g., a Web site of doubtful nature). However, if you have reason to believe that the detected file is non-malicious, you can submit a sample for analysis. Detailed analysis will be done on submitted samples, and corresponding removal instructions will be provided, if necessary.

  SOLUTION

Minimum Scan Engine: 8.900
VSAPI PATTERN File: 7.796.11
VSAPI PATTERN Date: 27 Jan 2011
VSAPI PATTERN Date: 1/27/2011 12:00:00 AM

NOTES:
Important note: The Minimum scan engine refers to the earliest Trend Micro scan engine version guaranteed to detect this threat. However, Trend Micro strongly recommends that you update to the latest version in order to get comprehensive protection. Download the latest scan engine here. Solution: Note: If your Trend Micro product detects a file under this detection name, do not execute the file. Delete it immediately especially if it came from an untrusted or an unknown source (e.g., a Web site of doubtful nature). However, if you have reason to believe that the detected file is non-malicious, you can submit a sample for analysis. Detailed analysis will be done on submitted samples, and corresponding removal instructions will be provided, if necessary. Submitting Samples Sample files for submission must be in ZIP format and should be password-protected. To submit a ZIP file, file compression software such as Winzip must be used. A trial version of Winzip is available at www.winzip.com. To compress a file, please follow the steps below: Right-click on the file and select Add to Zip. Enter a file name for the zip file. On the Options menu, choose Encrpyt. In the input box, type virus. This serves as the password for the zip file. Send the sample through the following channels:

    For Trend Micro Premium customers, please submit a virus support case by clicking here:
    • https://premium.trendmicro.com/premiumsupport/en/US/PSP/logon/logon.asp
    For Trend Micro non-Premium customers, please contact your local support network here:
    • http://www.trendmicro.com/en/about/contact/overview.htm
    For non-Trend Micro customers, please submit a virus support case by clicking here:
    • http://subwiz.trendmicro.com/SubWiz/Default.asp


Did this description help? Tell us how we did.