If you've noticed mysteriously altered browser settings, unidentified files in your operating system folders or malware being dropped onto your system, you may have a Worm:Win32/VB.AQ infection. The Worm:Win32/VB.AQ worm will propagate through network exploits and serves double duty as both spyware and a Trojan horse for other malware. The level of severity presented by this threat is quite extreme, so be diligent in deleting Worm:Win32/VB.AQ if you think it's slipped onto your hard drive.
Tagging and Bagging a Spreading Pest
Worm:Win32/VB.AQ and other worms just like Worm:Win32/VB.AQ may propagate immensely through various methods, but one of the primary confirmed tactics is to use network-based exploits. By infecting files shared over networks, Worm:Win32/VB.AQ can quickly spread to anyone network user who interacts with those files. In such instances, having security software not just constantly running but constantly updated is your best defense against the worm you didn't know was there.
Because Worm:Win32/VB.AQ may spread copies of itself to different locations on infected systems, including folders central to operating systems, deleting Worm:Win32/VB.AQ manually isn't the recommended course of action. Instead, one should usually make use of automated anti-malware scanners that can catch all copies of Worm:Win32/VB.AQ and thoroughly expunge them.
Excessive delay in removing Worm:Win32/VB.AQ can result in very serious and possibly permanent damage to a computer, since the infection may corrupt files Windows requires to function. The sooner you get around to deleting Worm:Win32/VB.AQ, the sooner your computer will be in one piece tomorrow.
The Worm That's a Trojan and a Spy, Too
Although Worm:Win32/VB.AQ's rapid reproduction as a worm remains its defining characteristic, Worm:Win32/VB.AQ also has some traits of spyware and Trojans. Some reports have indicated that Worm:Win32/VB.AQ can download malware onto your machine. Additional malware makes it that much more difficult to delete Worm:Win32/VB.AQ, since these other attackers are very likely to block needed security programs.
Worm:Win32/VB.AQ is also confirmed spyware, and will monitor various activities that take place on infected computers, only to turn around and send reports out to third-party IRC servers. This behavior puts every file on your system as well as even unsaved keyboard and microphone input at risk of being leaked.
As a violator of your privacy, an attacker on your system, and an enabler for even worse malware, Worm:Win32/VB.AQ presents a very hostile front. You should respond with matching hostility and delete Worm:Win32/VB.AQ without a hint of mercy.
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\MSN\MSNIA\msniasvc.exe 2 %ProgramFiles%\MSN\MSNIA\prestp.exe 3 %ProgramFiles%\MSN\MsnInstaller\msninst.exe 4 %ProgramFiles%\NetMeeting\cb32.exe 5 %ProgramFiles%\Outlook 6 %ProgramFiles%\Outlook Express\msimn.exe 7 %ProgramFiles%\Web Publish\WPWIZ.EXE 8 %ProgramFiles%\Windows Media Player\migrate.exe 9 %ProgramFiles%\Windows Media Player\mplayer2.exe 10 %ProgramFiles%\Windows Media Player\setup_wm.exe 11 %ProgramFiles%\Windows NT\dialer.exe 12 %Windir%\Cache\Adobe Reader 6.0.1\ENUBIG\setup.exe 13 %Windir%\pchealth\helpctr\binaries\HelpCtr.exe 14 %Windir%\pchealth\helpctr\binaries\HelpHost.exe 15 Express\oemig50.exe
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Worm:Win32/VB.AQ may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.