VBS.Phybre is Visual Basic Script (VBS) Trojan horse. It copies itself into the \Windows\System folder as VBS.Phybre.vbs and modifies the registry so that this file is executed when Windows starts. If the current minute is :39, then the script's payload is activated as follows:
- A message is displayed that indicates how many times the script has been run and how many times you have been notified of its presence.
- It attempts to configure the registry so that the script is executed any time that an .htm or .html file is opened on the computer.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.