x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Gibe

 
Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Gibe
Technical name:W32/Gibe
Threat level:Low
Type:Virus
Effects:  It creates files on the desktop and simulates a Windows update.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:March 7, 2002
Detection updated on:Sept. 21, 2009
StatisticsNo
Proactive protection:
Yes, using TruPrevent Technologies

Brief Description 

    

Gibe is a worm that spreads via e-mail in a message that always includes an attached file called: Q126309.EXE.

Its effects are more annoying than damaging, as when Gibe carries out its infection, it simulates a Windows update while it install the components it needs to carry out infection.

Visible Symptoms 

    

Gibe is easy to recognize, as it reaches computers in an e-mail message with the subject: Internet Security Update and an attached file called Q126309.EXE .

When the attached file is run, a message is displayed that prompts users to confirm if they want to install an update for Microsoft applications:

 

If the user clicks on Yes, Gibe simulates the installation of new components and displays the following message:
 
 
When it has carried out its actions, it displays the following message:
 
 
When this process is complete, if the user of the affected computer tries to run the attached file again, Gibe displays the following message:
 
 
Gibe also places 5 files on the desktop: BCTOOL.EXE, GFXACC.EXE, Q216309.EXE, WINNETW.EXE and 02_N803.DAT.