Mal/VB-AER

Posted: July 18, 2012

Threat Metric

Threat Level: 9/10
Infected PCs: 63
First Seen: July 18, 2012
OS(es) Affected: Windows

Also known by the alias Gen:Variant.Barys.2763, Mal/VB-AER is a PC threat that's distributed in fake e-mail messages that pretend to contain photographs of an acquaintance. Strongly echoing an earlier spam campaign that distributed the Trojan dropper Mal/Behav-043 under similar pretenses, Mal/VB-AER e-mail messages appear to target primarily Francophiles, although their French is clumsily written and appears to have been created with a little help from translator tools. Opening the enclosed .zip file will infect your PC with Mal/VB-AER along with a Zbot variant that may steal bank-related information. Because a Mal/VB-AER infection is likely to include other highly invasive PC threats along with Mal/VB-AER, the SpywareRemove.com malware research team underscores the usefulness of having anti-malware programs that can scan your PC for all types of malicious software and delete Mal/VB-AER safely and completely.

Why Prudishness Could Save Your PC from a Mal/VB-AER Savaging

Mal/VB-AER is a Visual Basic-coded executable file that uses e-mail spam to infect other computers. Mal/VB-AER e-mails are identifiable by their inclusion of a password-protected .zip file attachment, which contains Mal/VB-AER and a Zbot variant that may be detected as Troj/ZbotMem-B. The latter is especially noteworthy as a PC threat that specializes in stealing personal information, particularly information that's associated with online bank accounts. Current Mal/VB-AER e-mail campaigns use clumsily phrased French messages to make it seem like the file attachment really is a series of pictures sent by a known friend. The password is included in the main text (the body), a detail that hearkens back to previous spam campaigns in English, such as the Troj/Agent-REX spam campaigns (also noteworthy as a form of spyware).

Obviously, declining this file attachment and deleting the e-mail right away can protect your PC from a potential Mal/VB-AER infection, although you may prefer to use anti-malware software to detect Mal/VB-AER and similar PC threats as they're downloaded. Mass-mailed e-mail messages that distribute malicious links and files like Mal/VB-AER are a typical source of exposure to many types of PC threats. Additionally, the fact that Mal/VB-AER's zip file is encrypted may impede its identification by some brands of anti-malware scanners. If you prefer to download and scan potential Mal/VB-AER files, SpywareRemove.com malware researchers also recommend that you first download any available updates for your software, given that Mal/VB-AER was defined as a PC threat in the middle of this month.
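For mail filtering, the delivery pattern described above (a password-protected .zip attachment with the password in the body) can be flagged without decrypting anything. The following is an added example, not code from SpywareRemove.com or any anti-malware product; the extension list, the password keywords and the sample message are assumptions constructed for illustration.

```python
import io, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = (".exe", ".scr", ".pif", ".com")   # assumed policy list, not from the page
PASSWORD_HINTS = ("password", "mot de passe")  # assumed keywords for the body check

def encrypted_zip_findings(raw_message: bytes) -> list:
    """Report zip attachments whose members have the ZIP 'encrypted' flag (bit 0) set."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body else ""
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        try:
            members = zipfile.ZipFile(io.BytesIO(data)).infolist()
        except zipfile.BadZipFile:
            continue  # attachment is not a zip archive
        # With standard zip encryption the member names stay readable,
        # so the archive listing can be checked even though contents cannot.
        locked = [m.filename for m in members if m.flag_bits & 0x1]
        if locked:
            findings.append({
                "attachment": part.get_filename(),
                "encrypted_members": locked,
                "risky_members": [n for n in locked if n.lower().endswith(RISKY_EXT)],
                "password_in_body": any(h in text for h in PASSWORD_HINTS),
            })
    return findings

def constructed_sample() -> bytes:
    """Constructed message: a harmless zip whose headers are patched to look encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("photos.exe", b"placeholder text, not a real executable")
    blob = bytearray(buf.getvalue())
    blob[6] |= 0x01                                # local header flags, bit 0
    blob[blob.rfind(b"PK\x01\x02") + 8] |= 0x01    # central directory flags, bit 0
    msg = EmailMessage()
    msg["Subject"] = "photos"
    msg.set_content("Constructed body. Mot de passe: 1234")
    msg.add_attachment(bytes(blob), maintype="application", subtype="zip",
                       filename="photos.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(encrypted_zip_findings(constructed_sample()))
```

A hit on all three fields (encrypted member, executable extension, password hint in the body) is a reasonable trigger for quarantine, since the scanner cannot inspect the payload itself.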

Cracking into the Core of Mal/VB-AER's Features

Once you get past its premise of being saucy picture files, Mal/VB-AER is identifiable as a Trojan dropper that may also include backdoor features. Features of a typical Mal/VB-AER attack that SpywareRemove.com malware experts have considered worth noting are listed below:

  • Mal/VB-AER will place other malicious files on your PC, potentially in multiple locations.
  • Mal/VB-AER will modify Outlook Express files without your consent (potentially as part of spam distribution attacks or attempts to harvest e-mail addresses).
  • Mal/VB-AER will remove cookies from Internet Explorer, a common attack that's often associated with password-stealing spyware that snatches private information once you reenter it.
  • Mal/VB-AER will modify other Internet Explorer settings to reduce your web-browsing security against online attacks.

Many of these issues use the Windows Registry, and SpywareRemove.com malware researchers recommend repairing your Registry after deleting Mal/VB-AER in a scan, if your anti-malware software is incapable of doing so itself.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

File name: DC24154.exe
Size: 300.87 KB (300872 bytes)
MD5: 4c699216537e50a9db96a0b35ebc17b7
Detection count: 66
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: July 19, 2012