Troj/VB-FRJ
Posted: December 6, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 8/10 |
---|---|
Infected PCs: | 16 |
First Seen: | December 6, 2011 |
---|---|
Last Seen: | October 18, 2020 |
OS(es) Affected: | Windows |
Troj/VB-FRJ is a Trojan dropper that's associated with its fellow Trojan Troj/VB-FRI as well as with the worm Dorkbot. Because Dorkbot infections should be considered extremely-severe security risks and may lead to loss of personal information and even loss of control over your PC, Troj/VB-FRJ attacks should be dealt with promptly, and removing Troj/VB-FRJ should always use the most powerful anti-malware software that's within your discretion. SpywareRemove.com malware analysts warn that as of December 2011, Troj/VB-FRJ attacks have primarily-propagated through Facebook messages that are sent out by hijacked user accounts. Although these messages may look safe, a close inspection of their links will reveal that they contain a redirect to an unfamiliar website, and contact with this site can result in exposure to Troj/VB-FRJ, Troj/VB-FRI and other types of PC threats that should be avoided at all costs.
Troj/VB-FRJ – a Fake Windows File with Plenty of Helpers for Its Crimes
Troj/VB-FRJ is just one of several steps that are used in the intricate dance of a Dorkbot worm propagation ring. This ring also includes the usage of Troj/VB-FRI Trojans and fake Facebook messages that are sent out by compromised Facebook accounts. If you see a Facebook message from a friend that contains a link, inspect this link closely – although it may appear to be safe, chances are high that it could redirect you to Troj/VB-FRJ's website instead of to where it pretends to lead. Since Troj/VB-FRJ and Troj/VB-FRI are both very recent Trojans, you may need to update your anti-malware software before it can protect your PC from Troj/VB-FRJ attacks. However, the most effective defense against Troj/VB-FRJ is simply to be cautious about unusual Facebook links.
SpywareRemove.com malware researchers also encourage you to avoid sharing removable drive devices or network-shared files if you suspect that your PC has been compromised by a Troj/VB-FRJ attack. Because Troj/VB-FRJ's ultimate payload, the Dorkbot worm, is capable of copying itself to arbitrary locations and launching itself once it detects a new PC to infect, networks and removable drives are in high danger of being infected by a Troj/VB-FRJ-related PC threat.
Why You'll Want to Keep a Tight Grip on Your Passwords with Troj/VB-FRJ Around
Although Troj/VB-FRJ's role is currently-limited to assisting with the installation the Dorkbot worm, future variants of Troj/VB-FRJ may be reconfigured for other purposes, and Dorkbot worms, in any case, exhibit a broad range of perils for any Windows PC. Attacks that SpywareRemove.com malware analysts have linked to Troj/VB-FRJ's Dorkbot payload include:
- Backdoor-based control over your PC by remote hackers.
- System files (such as the Registry Editor) that are modified to be dysfunctional.
- PC security websites that are blocked from your web browser.
- Stolen web browser-transferred information such as passwords, financial transaction data and login credentials. Internet Explorer, Firefox and FTP-based programs are particularly-vulnerable
Unfortunately, Dorkbot worms use advanced process-hooking techniques to avoid deletion, and Troj/VB-FRJ itself is often disguised in the form of a normal Windows file. However, SpywareRemove.com malware researchers note that a sufficiently-advanced anti-malware program can detect and remove Troj/VB-FRJ and any related infections.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:C:\Documents and Settings\<username>\Local Settings\Temp\WIN2.tmp.exe
File name: C:\Documents and Settings\<username>\Local Settings\Temp\WIN2.tmp.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.