Troj/VB-FRI
Posted: December 6, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 5/10 |
|---|---|
| Infected PCs: | 21 |
| First Seen: | December 6, 2011 |
|---|---|
| Last Seen: | January 3, 2022 |
| OS(es) Affected: | Windows |
Troj/VB-FRI is a Trojan dropper that installs the Dorkbot worm, a PC threat that's capable of creating backdoor security holes, stealing passwords and blocking security sites. Troj/VB-FRI is often accompanied by the Trojan Troj/VB-FRJ, and recent attacks by these two Trojans have used misleading Facebook messages to propagate. SpywareRemove.com malware researchers recommend avoiding unusual links, even if they appear to be sent by friends, to minimize the risk of being infected by Troj/VB-FRI. Since Troj/VB-FRI rarely comes alone and is a recently-emerged PC threat, you should remove Troj/VB-FRI with a thorough scan of your PC by a suitable and up-to-date anti-malware program, if you have such a program available at all.
Troj/VB-FRI: A Menace to Your PC All Wrapped Up in Fake Text Messages
Troj/VB-FRI uses social engineering as its foremost defense and propagation path by pretending to be a safe link from a known acquaintance on Facebook. This link is posted by a Facebook account that's been compromised by Troj/VB-FRI or a related infection (such as the Dorkbot worm) – hence, even though the account itself may carry a friend's name, the messages that Troj/VB-FRI sends out are posted without that person's consent. Troj/VB-FRI links may appear to point to Facebook, but a close look will reveal that they redirect you to an unrelated website. This link is often coupled with a brief and generic message that attempts to lower your suspicion.
Links for Troj/VB-FRI may also install Troj/VB-FRJ, and together, these two Trojans will work to install a Dorkbot worm. Dorkbot worms are well-known for the following forms of harmful behavior, although SpywareRemove.com malware research team also warns they're not limited to these functions alone:
- Stealing passwords and other types of private data by intercepting web browser-transferred information.
- Creating serious security vulnerabilities that allow remote criminals to access and control the infected PC.
- Taking various actions to hinder anti-malware and security programs. This can include negatively-altered system files or blocked security websites from your browser.
- Infecting removable drives (such as USB storage devices) and using them to spread to any other computer that uses the same drive.
How to Deal with the Troj/VB-FRI Trio of PC Threats
Troj/VB-FRI and affiliated PC threats (like Troj/VB-FRJ and the Dorkbot worm) should be removed only by suitable anti-malware applications if you can access such programs. Because Dorkbot worms and other forms of malicious software that are linked to Troj/VB-FRI will use advanced methods to resist deletion, removing Troj/VB-FRI and its cohorts with anti-malware software is both much safer and more likely to succeed than removal via manual methods. Close attention to network and removable drive security may also be required to stop Troj/VB-FRI's payload, the Dorkbot worm, from infecting other computers.
However, as long as you're careful around Facebook links and don't click something that you don't recognize, SpywareRemove.com malware experts are pleased to note that the chance of being infected by Troj/VB-FRI is fairly-low. Troj/VB-FRI was identified in early December of 2011, and you may want to double-check the date of your anti-malware updates to be sure that you have a valid patch to identify Troj/VB-FRI incursions before they can root themselves on your PC.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.