Etap

Classification

Category:

Malware

Type:

-

Platform:

-

Aliases:

Simile, Metaphor

Summary

Etap is a cross-platform virus, infecting Windows executables and Linux ELF Executables. It was found in February 2002.

This virus has never been widespread. It is difficult to detect reliably as it is encrypted with variable encryption and it uses entry-point obfuscation techniques, which easily create false alarm problems for anti-virus programs.

Removal

Database Update

A fix for this false alarm was shipped on Wednesday December 18th, 2002 through normal update channels. The false alarm is fixed with the following F-Secure Anti-Virus update: 2002-12-18_01

Suspect a file is incorrectly detected (a False Positive)?

A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:

  • Check for the latest database updates

    First check if your F-Secure security program is using the latest detection database updates, then try scanning the file again.

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.

    NOTE If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.

  • Exclude a file from further scanning

    If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.

    Note You need administrative rights to change the settings.

For more Support

Knowledge Base

Find the latest advice in our Community Knowledge Base.

User Guide

See the user guide for your product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details

FALSE ALARM INFORMATION

F-Secure Anti-Virus definition update shipped late on December 17th 2002 contained a false alarm for the Etap virus.

This update will result in F-Secure Anti-Virus erronuously detecting the "Win32.Etap" virus in several clean files.

Examples of such clean files include:

RSE.DLL in Autodesk Inventor 6 SP1

VISLIB32.DLL from Microsoft Visio

S32GUIL.DLL from Norton Utilities

LXAKWEB.EXE from Lexmark drivers

3DADVSIM.DLL from AlphaCAM

3DVERIFY.DLL from AlphaCAM

NETWORKSENSOR.DLL from ISS Network Sensor

IPANEL.EXE from FORAN

You can safely ignore Etap warning on these files.