Trojan.Tibs
Trojan.Tibs Description
Trojan.Tibs is a Trojan Downloader program that is related to the VXGame Trojan. Once Trojan.Tibs is executed on your computer, it will connect to the Internet and download additional malware. Trojan.Tibs may also generate large numbers of popup adverts, and it will also attempt to bypass the Windows Firewall. Trojan.Tibs program is a security risk, and should be removed immediately to protect your personal data. Fake email greeting cards are infected with trojans. Beware of strangers sending greeting cards. Recently, greeting cards via e-mail are forcing trojans like Trojan.Tibs into people’s inboxes. You may be infected with Trojan.Tibs if the file ecard.exe appears on your computer.
What is a Greeting Card Email Spam?
A greeting card e-mail spam is a new method in which spammers are tricking e-mail recipients into downloading trojans such as Trojan.Tibs.
Subjects that appear on the spammed e-mails:
You’ve received a greeting card from a admirer!
You’ve received a greeting card from a class mate!
You’ve received a greeting card from a colleague!
You’ve received a greeting card from a family member!
You’ve received a greeting card from a friend!
You’ve received a greeting card from a mate!
You’ve received a greeting card from a neighbor!
You’ve received a postcard from a Worshipper!
You’ve received a greeting card from a School friend!
You’ve received a greeting card from a School-mate!
You’ve received a postcard from a Partner!
Aliases
W32/FakeAV.NMUT!tr [Fortinet]Trojan.Win32.FakeAV [Ikarus]a variant of Win32/Kryptik.AIKT [ESET-NOD32]Trojan.Malware.Obscu.Gen.002 [ByteHero]Trojan/Fakeav.bepo [Jiangmin]Trojan.Win32.FakeAV!IK [Emsisoft]Artemis!C5D5EBE9A8AA [McAfee-GW-Edition]TROJ_GEN.RC1CDGG [TrendMicro]TR/Crypt.XPACK.Gen2 [AntiVir]Trojan.DownLoader6.29653 [DrWeb]
More aliases (574)
Trojan.Tibs Automatic Detection Tool (Recommended)
Is your PC infected with Trojan.Tibs? To safely & quickly detect Trojan.Tibs, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Trojan.Tibs
What happens if Trojan.Tibs does not let you open SpyHunter or blocks the Internet?
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 YUR1D.exe 665 2 YURC7.exe 658 3 iehostcx32.dll 372 4 ev1kn3tsv5so.exe 307 5 svcho.exe 220 6 update32.exe 155 7 ctfmona.exe 145 8 YUR39.exe 80 9 _ex-08.exe 80 10 winds32.exe 14
More files
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}DriveSystemPromoRegService Pack 1SystemSv12vedxg6ame4.exe - The following CLSID's were detected:
HKEY..\..\{CLSID Path} {a4dca795-b588-4be0-9463-7ff2864543b1}
Posted: February 26, 2007 | By SpywareRemove
MoreThreat Level: 9/10
(No Ratings Yet)
Loading ...Rate this article:
Detection Count: 733
Thanks so much for these instructions and recommendations. I have been trying to remove this spyware for days; no matter what I did, it kept coming back. Though I was skeptical, I finally downloaded and purchased Spyhunter. I scanned the system with Spyhunter but it had been unable to remove this virus “Trojan.Tibs.” Without your instructions for un-registering the problem dll, I would still be floundering around.