Worm.Win32.VB.bms

Posted: November 30, 2010

Worm.Win32.VB.bms is a Visual Basic-based worm that compromises removable hard drives and local networks as a means of distributing itself to new computers. While malware analysts are still examining the extent of its payload, worms like Worm.Win32.VB.bms may be employed to install other threats or create security vulnerabilities that let third parties take over the infected PC. Any compromised PCs or devices should be isolated, and all copies of Worm.Win32.VB.bms should be removed with proper anti-malware tools.

A Worm that Wears a Mask of Your Personal Files

Although many high-level threats use additional Trojans to reproduce and infect other machines, some forms of threats, including worms and viruses, do not depend on any secondary threats. Worm.Win32.VB.bms is a worm with peak activity in early to mid-2014 that includes functions meant to infect additional computers by confusing their users. Like most worms, Worm.Win32.VB.bms creates multiple copies of itself in EXE format, some of which are distributed to any accessible removable drives. Vulnerable devices may include a USB thumb drive, an SD card or a writable CD.

Worm.Win32.VB.bms names these clones after any preexisting files on the device. The original files are deleted or concealed through changes to your file-viewing settings. This 'copy and replace' strategy allows Worm.Win32.VB.bms to install itself on a new computer whenever the user tries to open a 'safe' file that, in reality, is another copy of the worm. As an additional warning, malware experts also caution against the possibility of Worm.Win32.VB.bms distributing its copies to any local network-shared folders, to be installed in a similar fashion.

Due to limited samples, malware experts have yet to finalize their analysis of the rest of Worm.Win32.VB.bms's intended attacks. Common worm attacks may include:

  • Worm.Win32.VB.bms may create a backdoor that lets third parties access your PC, issuing system commands and modifying files at their leisure.
  • Worm.Win32.VB.bms may install new threats (besides any copies of itself).
  • Worm.Win32.VB.bms may change additional settings, along with the file-viewing settings that most worms modify to prevent their victims from viewing any hidden or system files.

Stopping Your Files from Hiding a Worm with Bad Intentions

Even in real life, uprooting a pest may require dealing with its habitat, and removing Worm.Win32.VB.bms also entails the effective use of security features and file settings. Monitoring any changes to your file-viewing settings, discrepancies in storage space and unusual resource expenditures can provide visual clues to spot Worm.Win32.VB.bms infections. Regular anti-malware scans also should be able to detect all copies of Worm.Win32.VB.bms and remove Worm.Win32.VB.bms from the infected drives. Removable devices and network-connected PCs also should be scanned for possible compromises.

Just as its basic code uses the old standby of the Visual Basic language, Worm.Win32.VB.bms uses well-aged methods of installing itself. Most PC users, when alert, should be able to notice the telltale signs of their files being replaced by worms like Worm.Win32.VB.bms. Any suspicions about the legitimacy of a file, even if it seems to be a well-known one on your personal device, should be resolved by a simple scan from your anti-malware solutions.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %CommonDocuments%\?My Music.exe
    2 %CommonDocuments%\?My Pictures.exe
    3 %CommonDocuments%\?My Videos.exe
    4 %DesktopDir%\?Unused Desktop Shortcuts.exe
    5 %MyDocuments%\?My eBooks.exe
    6 %MyDocuments%\?My Music.exe
    7 %MyDocuments%\?My Pictures.exe
    8 %Windir%\00614431.exe
    9 %Windir%\Ozcz?njobs.exe
    10 [file and pathname of the sample #1]
    11 c:\?Documents and Settings.exe
    12 c:\?Inetpub.exe
    13 c:\?Program Files.exe
    14 c:\?RECYCLER.exe
    15 c:\?WINDOWS.exe
    16 c:\Ozcz?njobs.exe
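
The listing above shows EXE copies named after existing folders (My Music, Program Files), which matches the 'copy and replace' behaviour described earlier. The following Python is an added example, not part of the original write-up or of any vendor tool: it walks a drive or folder and flags every .exe whose name matches a sibling file or folder, reporting whether that sibling carries the Windows hidden attribute. The function names, the sample tree and the "_" prefix (standing in for the character the listing renders as "?") are assumptions made for illustration.

```python
import os
import stat
import tempfile
from pathlib import Path


def name_key(name):
    # Case-fold and drop non-alphanumerics so a stray prefix character is ignored.
    return "".join(ch for ch in name.casefold() if ch.isalnum())


def is_hidden(path):
    # Windows hidden attribute; st_file_attributes is absent elsewhere, so False.
    return bool(getattr(path.stat(), "st_file_attributes", 0) & stat.FILE_ATTRIBUTE_HIDDEN)


def find_masquerading_exes(root):
    """Return (exe, sibling, sibling_hidden) for each .exe named after a sibling entry."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        base = Path(dirpath)
        siblings = {name_key(d): d for d in dirnames}  # folder names a clone could borrow
        for name in filenames:
            if not name.lower().endswith(".exe"):
                siblings.setdefault(name_key(name), name)             # report.doc.exe
                siblings.setdefault(name_key(Path(name).stem), name)  # report.exe
        siblings.pop("", None)  # names with no alphanumerics carry no signal
        for name in filenames:
            if name.lower().endswith(".exe"):
                match = siblings.get(name_key(name[:-4]))
                if match:
                    findings.append((base / name, base / match, is_hidden(base / match)))
    return sorted(findings)


def demo():
    """Scan a constructed sample tree (placeholder files, not real malware)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "My Music").mkdir()
        (root / "My Pictures").mkdir()
        # "_" stands in for the unknown prefix character the listing shows as "?".
        for name in ("_My Music.exe", "My Pictures.exe", "installer.exe"):
            (root / name).write_bytes(b"constructed placeholder")
        return [(e.name, s.name) for e, s, _ in find_masquerading_exes(root)]


if __name__ == "__main__":
    print(demo())
```

A name match alone is a heuristic, since legitimate installers are sometimes named after their folder; a match whose sibling is also hidden deserves a scan first.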

Registry Modifications

  • The following Registry values were newly created:
    HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile]