Here is what I found on it.
http://www.srnmicro.com/virusinfo/webber.htm

Webber is a backdoor Trojan, can be used to steal passwords in the infected system. It arrives as an e-mail attachment. The infected attachment name will be "web.da.us.citi.heloc.pif".
Also from: http://www.viruslibrary.com/virusinf...y.Win32.Webber(akaHeloc).htm
Webber is a Win32 trojan program that installs a hidden proxy server on victim machines (with up to 100 connections), reports IP addresses and cached passwords of victim machines to its 'master'. The trojan also downloads (from a URL) and executes other EXE files such as its upgrades.
Hope this helps, Specialist