1. Symantec/
  2. Security Response/
  3. VBS.Phybre


Risk Level 1: Very Low

June 8, 2001
February 13, 2007 11:59:39 AM
Also Known As:
VBS.Fiber, VBS.Ruzz
Trojan Horse

VBS.Phybre is Visual Basic Script (VBS) Trojan horse. It copies itself into the \Windows\System folder as VBS.Phybre.vbs and modifies the registry so that this file is executed when Windows starts. If the current minute is :39, then the script's payload is activated as follows:
  • A message is displayed that indicates how many times the script has been run and how many times you have been notified of its presence.
  • It attempts to configure the registry so that the script is executed any time that an .htm or .html file is opened on the computer.

Antivirus Protection Dates

  • Initial Rapid Release version June 8, 2001
  • Latest Rapid Release version June 8, 2001
  • Initial Daily Certified version June 8, 2001
  • Latest Daily Certified version June 8, 2001
  • Initial Weekly Certified release date pending
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Brian Ewell

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube