1. /
  2. Security Response/
  3. VBS.Fiber.C

VBS.Fiber.C

Risk Level 1: Very Low

Discovered:
August 27, 2001
Updated:
February 13, 2007 11:37:07 AM
Type:
Trojan Horse

VBS.Fiber.C is a variant of the VBS.Fiber.A Visual Basic Script (VBS) Trojan horse. It copies itself into the \Windows\System folder as VBS.Lava.vbs and modifies the registry so that this file is executed when Windows starts. If the current minute is :15, then the script's payload is activated as follows:
  • A message is displayed that indicates how many times the script has been run and how many times you have been notified of its presence (but due to a bug does not show the number of notifications).
  • It attempts to configure the registry so that the script is executed any time that an .htm or .html file is opened on the computer


Antivirus Protection Dates

  • Initial Rapid Release version August 27, 2001
  • Latest Rapid Release version August 27, 2001
  • Initial Daily Certified version August 27, 2001
  • Latest Daily Certified version August 27, 2001
  • Initial Weekly Certified release date pending
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: Low
Writeup By: Dave Adamczyk

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver