HTTP_REQUEST_POST_ZEUS
Windows 2000, Windows XP, Windows Server 2003
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
TECHNICAL DETAILS
Heuristic Detection
This is the Trend Micro heuristic detection for suspicious files that manifest behavior and characteristics similar to the following malware:
- Communication to command and control servers
If your Trend Micro product detects a file under this detection name, do not execute the file.
NOTES:
The following malware families are related to this detection:
If your Trend Micro product detects malicious network packets, your system may have malware that sends the network packets. Scan your system with your Trend Micro product to locate the malware. Delete the malware immediately, especially if the detected files came from an untrusted or an unknown source (e.g., a website of doubtful nature).
However, if you have reason to believe that the detected file is non-malicious, you may submit a sample for further analysis. Detailed analysis will be done on submitted samples, and corresponding removal instructions will be provided, if necessary.
SOLUTION
9.200
NOTES:
Using the Trend Micro System Information Collector (SIC) Tool
To get an accurate analysis of your system, Trend Micro recommends downloading and scanning your system using our System Information Collector (SIC) tool. The SIC tool scans your system and outputs a log file. It helps in investigating suspicious files, processes, and activities in your system.
Refer to the following Trend Micro eSupport page to know more about the tool and to download a version suitable for you:
After scanning your system and obtaining the log file output, kindly submit your log files in the eSupport portal.
Submitting Samples
If you identified suspicious files, you may submit them to us. Sample files for submission must be in ZIP format and should be password-protected. To submit a ZIP file, file compression software such as WinZip must be used. A trial version of WinZip is available at www.winzip.com.
To compress a file, please follow the steps below:
- Right-click on the file and select Add to Zip.
- Enter a file name for the zip file.
- On the Options menu, choose Encrypt. In the input box, type virus. This serves as the password for the zip file.
- Send the sample through the following channels:
• For Trend Micro Premium customers, please submit a virus support case by clicking here:
https://success.trendmicro.com/
• For Trend Micro non-Premium customers, please contact your local support network by visiting your Trend Micro regional website.
• For non-Trend Micro customers, scan your system with HouseCall, our highly popular and capable on-demand scanner for identifying and removing viruses, Trojans, worms, unwanted browser plug-ins, and other malware.