VBS/Joint-A
Posted: December 7, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Ranking: | 916 |
---|---|
Threat Level: | 5/10 |
Infected PCs: | 172,224 |
First Seen: | December 7, 2011 |
---|---|
Last Seen: | October 17, 2023 |
OS(es) Affected: | Windows |
VBS/Joint-A is a worm that spreads through USB-based devices and creates copies of its files on the majority of drives for any PC that VBS/Joint-A infects. Although VBS/Joint-A uniquely-lacks any major attack functions (such as keylogging or installing other forms of hostile software) to cause further attacks, its automatic propagation strategy is considered malicious, and VBS/Joint-A may also alter your file-viewing settings to conceal files with the Hidden attribute. Due to these properties, SpywareRemove.com malware experts recommend that you take VBS/Joint-A seriously as a danger to your PC and remove VBS/Joint-A with a good anti-malware program, even if VBS/Joint-A lacks any form of payload that could be used to cause further damage.
VBS/Joint-A: A Half-Neutered Nuisance for Your Removable Drives
Most PC security companies have identified VBS/Joint-A only in April of 2011; if you're using anti-malware software with earlier databases than the above date, your software may be unable to identify or delete VBS/Joint-A until it's allowed to download the appropriate patches. Unlike almost all other forms of PC threats, including other types of worms, VBS/Joint-A doesn't launch other attacks on your PC once VBS/Joint-A is installed. Instead, SpywareRemove.com malware analysts note that VBS/Joint-A seems to be content with infecting other computers and remaining passive thereafter. This makes rushing to remove VBS/Joint-A ASAP somewhat unnecessary, although VBS/Joint-A should still be considered potentially-harmful to your PC.
However, VBS/Joint-A's distribution tactic is identical to that of other worms: VBS/Joint-A creates hidden copies of itself on several drives and reinstalls itself if those drives are accessed by another PC. This lets VBS/Joint-A 'piggyback' on USB storage drives and other types of removable devices that are often used by multiple computers. VBS/Joint-A does use four separate files to accomplish this, including a standard Autorun.inf file exploit, and you should be certain to delete all of VBS/Joint-A's files in a system scan instead of just some of them.
VBS/Joint-A's Lone Act of Hostility Against Your PC
SpywareRemove.com malware researchers have also found that, besides using typical worm propagation methods, VBS/Joint-A also uses standard exploits to hide itself by forcing your PC to avoid displaying files that are flagged with the Hidden attribute. This setting change is based on Windows Registry changes that bypass any settings that you may have chosen from within Windows Explorer and prevents you from detecting any of VBS/Joint-A's numerous files with a visual inspection. However, good anti-malware programs that can remove VBS/Joint-A can also undo this exploit which is common for other worms like VBS/Joint-A.
Given that this is the only significant hazard that VBS/Joint-A poses, the threat of VBS/Joint-A to your PC is fairly-low. VBS/Joint-A may be detected by one of its aliases, depending on the brand of your anti-malware scanner; these aliases include VBS/SillyAutorunScript.R, VBS/Autorun.worm.k, Worm:VBS/Autorun.G, Trojan.VBS.Autorun.a, Virus.VBS.AutoRun.b, VBS.Runauto and Worm.Script.VBS.Autorun.y.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.