Win32/VBDoc
Posted: May 29, 2013
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Ranking: | 16,964 |
---|---|
Threat Level: | 1/10 |
Infected PCs: | 1,190 |
First Seen: | May 28, 2013 |
---|---|
Last Seen: | September 19, 2023 |
OS(es) Affected: | Windows |
Win32/VBDoc is a worm that uses advanced means of hiding itself from both the computer user and any anti-malware software. Attacks by Win32/VBDoc worms are limited, but do include security issues, such as attempts to disabling the Windows update feature and preventing you from viewing Hidden-flagged files, which may make your computer vulnerable to attacks by other PC threats. Updated anti-malware products and all relevant security strategies should be used to contain and remove Win32/VBDoc, which has seen regular updates to its configuration throughout the past year.
Win32/VBDoc: Another Obstacle in Keeping Your Backup Storage Malware-Free
Worms like Win32/VBDoc and similar PC threats often use their own means of propagation that involve storing backup copies of themselves on a computer's hard drive, as well as infecting removable hard drives (such as any average USB device) in stealth. One of Win32/VBDoc's latest variants, Win32/VBDoc.H, makes use of the latter technique in an archetypal way: by hiding all the contents of your flash drive and then creating fake files that actually are more copies of Win32/VBDoc – but with the same names, including all file type indicators, as the original files. Only some specific file types are affected by this attack, including media-oriented ones such as MP3, WMV, WAV, PNG, and, of course, common text documents. When the device is plugged in to a new computer, Win32/VBDoc will try to use the Autorun feature (disabled in any updated version of Windows) to infect the computer automatically, but you also may infect the second computer by launching Win32/VBDoc's copycat files.
Win32/VBDoc's means of concealing the original files also prevents you from viewing any files that have been given the Hidden attribute. SpywareRemove.com malware researchers often see this function in a wide variety of other PC threats, which has widespread applicability for concealing many types of malicious software. A second way that Win32/VBDoc interferes with Windows is by disabling the automatic update feature, which allows related malware to take advantage of vulnerabilities that normally would be corrected by incoming security patches.
How Win32/VBDoc Manages to Hide in Plain Sight
Besides the functions Win32/VBDoc displays for concealing copies of itself, Win32/VBDoc also uses multiple functions that are designed to conceal Win32/VBDoc from both actual eyes and the metaphorical eyes of various anti-malware products. Win32/VBDoc will not run on any sandbox-protected PC, keeps its main body encrypted and launches itself automatically as Windows starts. SpywareRemove.com malware researchers particularly emphasize preventing Win32/VBDoc from spreading through removable devices, which, if they've been in contact with a Win32/VBDoc-infected PC, also will need to be disinfected.
As long as your anti-malware software is of a trustworthy brand and is updated for detecting recent threats, you should have the capacity of detect and disable all copies of Win32/VBDoc, including recent variants. However, the regular updates that Win32/VBDoc receives will make detecting Win32/VBDoc with outdated software more of a gamble than is necessary – or wise – for protecting your computer.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.