
VirTool:INF/Vobfus.gen

Posted: July 2, 2013

Threat Metric

Ranking: 12,334
Threat Level: 1/10
Infected PCs: 1,906
First Seen: July 2, 2013
Last Seen: September 5, 2023
OS(es) Affected: Windows

VirTool:INF/Vobfus.gen is a malicious Autorun.inf file that's used for deploying members of the Vobfus family of worms onto other computers that access compromised peripheral devices (USB drives, etc.) or any network-accessible folders. While its own attacks are limited to helping spread Vobfus worms, VirTool:INF/Vobfus.gen often is accompanied by other PC threats with a wealth of diverse attacks, including such notorious malware as Sirefef and Trojan Zeus (a group of rogue anti-malware programs and a regularly-updated banking Trojan, respectively). Because VirTool:INF/Vobfus.gen is linked to worms that are highly infectious and include robust threat-downloading functions, SpywareRemove.com malware researchers recommend all due security defenses against worms, as well as powerful anti-malware software, for removing VirTool:INF/Vobfus.gen and every other type of malicious software related to VirTool:INF/Vobfus.gen.

VirTool:INF/Vobfus.gen: From Your Old Flash Drive to New Victims

VirTool:INF/Vobfus.gen is a relatively small component of a Vobfus infection, which is named for its combination of Visual Basic script and code obfuscation (the latter of which can hinder anti-malware analysis to some degree). Most worms include some degree of exploitation of the Windows AutoRun feature, which allows devices to launch automatically as soon as they're accessed by a new computer – and VirTool:INF/Vobfus.gen is Vobfus's vehicle of preference, enabling the primary Vobfus worm to infect a new computer that shares an infected USB flash drive or similar device. A similar method also works for file locations that are shared over a local network, and SpywareRemove.com malware experts consider it worth noting that, in many cases, these Vobfus files are intentionally named to look like other programs (such as the generic 'passwords.exe').

VirTool:INF/Vobfus.gen is, itself, automatically placed in such vulnerable locations on your PC while the primary Vobfus worm creates copies of itself in similar locations. However, PC threats linked to VirTool:INF/Vobfus.gen attacks also are known for including hefty threat-downloading functions; in some cases, these downloads even are semi-recursive in nature, allowing PC threats like Beebone Trojans to download Vobfus, or allowing Vobfus to download Beebone, whichever is convenient for the attacker. VirTool:INF/Vobfus.gen and other Vobfus PC threats also are known for heavy associations with Zeus/Zbot, Sirefef scamware, Fareit, Cutwail Trojans and Nedsym – the latter of which is a little-heard-about e-mail spambot.

Deworming All Your Devices for a Vobfus-Free Computer Experience

Disabling the often-exploited Autorun feature is suggested by SpywareRemove.com malware experts, and can be considered one of the many potential defenses against VirTool:INF/Vobfus.gen problems. In any case where you suspect that VirTool:INF/Vobfus.gen or a PC threat from a related family (as listed in the paragraph above) is on your computer, you should make all necessary efforts to avoid accidentally spreading VirTool:INF/Vobfus.gen and related malware to other PCs. This means disinfecting and restricting all removable storage devices, as well as preventing other PCs from accessing yours through a network unless it's necessary.
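One way to check a removable drive or shared folder for the kind of launch file described above, as an added example (not code from SpywareRemove.com or any anti-malware product): it parses an Autorun.inf and lists the entries that would start a program. The sample file contents are constructed for illustration, and the extension list is an assumption.

```python
import os
import re

# Keys in the [autorun] section that make Windows start a program.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\=]+\\command)$", re.I)
# Assumed list of extensions worth flagging; extend as needed.
EXEC_RE = re.compile(r"\.(exe|scr|com|pif|bat|cmd|vbs|js)\b", re.I)

# Constructed sample: junk padding, mixed case, and a disguised file name.
SAMPLE_BAD = r"""
;random padding line
[AutoRun]
qwertyjunk
OPEN=passwords.exe
shell\open\command = passwords.exe
icon=%SystemRoot%\system32\shell32.dll,4
"""
SAMPLE_BENIGN = "[autorun]\nicon=setup.ico\nlabel=Backup Drive\n"


def launch_directives(inf_text):
    """Return (key, command) pairs from [autorun] that start a program."""
    found, in_autorun = [], False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_autorun or "=" not in line:
            continue  # another section, or padding with no key=value
        key, _, value = line.partition("=")
        if LAUNCH_KEY.match(key.strip()):
            found.append((key.strip().lower(), value.strip()))
    return found


def is_suspicious(inf_text):
    """True when a launch directive points at an executable or script."""
    return any(EXEC_RE.search(cmd) for _, cmd in launch_directives(inf_text))


def scan_drive(root):
    """Return launch directives from an autorun.inf (any case) in a drive root."""
    for name in os.listdir(root):
        path = os.path.join(root, name)
        if name.lower() == "autorun.inf" and os.path.isfile(path):
            with open(path, errors="replace") as fh:
                return launch_directives(fh.read())
    return []
```

Run `scan_drive` against the root of each removable drive or shared folder before opening it in Explorer; a non-empty result is a reason to scan the device with anti-malware software before using it.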

Given the preponderance of specialized and high-level threats tied to VirTool:INF/Vobfus.gen, SpywareRemove.com malware experts can't recommend anything better than a very thorough anti-malware scan for removing VirTool:INF/Vobfus.gen and the rest of a Vobfus worm from your computer. VirTool:INF/Vobfus.gen and other Vobfus components aren't designed to display symptoms of any type, although related payloads (such as Sirefef, which is displayed in the form of a fake anti-malware product) may include their own symptoms that are reasonably detectable by eye.
