Posted: February 24, 2011

Worm:Win32/VB.AQ Description

If you've noticed mysteriously altered browser settings, unidentified files in your operating system folders or malware being dropped onto your system, you may have a Worm:Win32/VB.AQ infection. The Worm:Win32/VB.AQ worm will propagate through network exploits and serves double duty as both spyware and a Trojan horse for other malware. The level of severity presented by this threat is quite extreme, so be diligent in deleting Worm:Win32/VB.AQ if you think it's slipped onto your hard drive.

Tagging and Bagging a Spreading Pest

Worm:Win32/VB.AQ and other worms just like Worm:Win32/VB.AQ may propagate immensely through various methods, but one of the primary confirmed tactics is to use network-based exploits. By infecting files shared over networks, Worm:Win32/VB.AQ can quickly spread to anyone network user who interacts with those files. In such instances, having security software not just constantly running but constantly updated is your best defense against the worm you didn't know was there.

Because Worm:Win32/VB.AQ may spread copies of itself to different locations on infected systems, including folders central to operating systems, deleting Worm:Win32/VB.AQ manually isn't the recommended course of action. Instead, one should usually make use of automated anti-malware scanners that can catch all copies of Worm:Win32/VB.AQ and thoroughly expunge them.

Excessive delay in removing Worm:Win32/VB.AQ can result in very serious and possibly permanent damage to a computer, since the infection may corrupt files Windows requires to function. The sooner you get around to deleting Worm:Win32/VB.AQ, the sooner your computer will be in one piece tomorrow.

The Worm That's a Trojan and a Spy, Too

Although Worm:Win32/VB.AQ's rapid reproduction as a worm remains its defining characteristic, Worm:Win32/VB.AQ also has some traits of spyware and Trojans. Some reports have indicated that Worm:Win32/VB.AQ can download malware onto your machine. Additional malware makes it that much more difficult to delete Worm:Win32/VB.AQ, since these other attackers are very likely to block needed security programs.

Worm:Win32/VB.AQ is also confirmed spyware, and will monitor various activities that take place on infected computers, only to turn around and send reports out to third-party IRC servers. This behavior puts every file on your system as well as even unsaved keyboard and microphone input at risk of being leaked.

As a violator of your privacy, an attacker on your system, and an enabler for even worse malware, Worm:Win32/VB.AQ presents a very hostile front. You should respond with matching hostility and delete Worm:Win32/VB.AQ without a hint of mercy.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %ProgramFiles%\MSN\MSNIA\msniasvc.exe
    2 %ProgramFiles%\MSN\MSNIA\prestp.exe
    3 %ProgramFiles%\MSN\MsnInstaller\msninst.exe
    4 %ProgramFiles%\NetMeeting\cb32.exe
    5 %ProgramFiles%\Outlook
    6 %ProgramFiles%\Outlook Express\msimn.exe
    7 %ProgramFiles%\Web Publish\WPWIZ.EXE
    8 %ProgramFiles%\Windows Media Player\migrate.exe
    9 %ProgramFiles%\Windows Media Player\mplayer2.exe
    10 %ProgramFiles%\Windows Media Player\setup_wm.exe
    11 %ProgramFiles%\Windows NT\dialer.exe
    12 %Windir%\Cache\Adobe Reader 6.0.1\ENUBIG\setup.exe
    13 %Windir%\pchealth\helpctr\binaries\HelpCtr.exe
    14 %Windir%\pchealth\helpctr\binaries\HelpHost.exe
    15 Express\oemig50.exe

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Worm:Win32/VB.AQ may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Worms Worm:Win32/VB.AQ

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.