W32/VBNA-X worm propagates quickly through systems and detachable media

W32/VBNA-X is a worm, but also displays features typically found in a Virus. Its most obvious method of distributing seems to be through the use of autorun.inf information decreased on detachable press and writable system stocks.

You would hope this technique wouldn’t be too effective on today’s PCs, though. Microsoft released up-dates for XP, 2003 and Windows vista in Feb 2011 to turn off Autorun on all press aside from “shiny disks.”

It is still not a bad idea to turn off Autorun/Autoplay more completely, which is quite easy to do according to Windows guidelines, which include a “FixIt.”

Most PCs will neglect autorun.inf information these days, so individuals must be hitting the viruses itself, but why?

It seems to be a mixture of brilliant social technological innovation, poor standard configurations and user negligence.

After developing the autorun.inf data declare the unpatched affected individuals, it starts to enumerate all of the computer file and directory names on writable stocks and detachable devices.

For example, say your E: drive is a system discuss with files known as au and r and information known as as.txt and Adobe.pdf.

It will set all of these to have the invisible feature and set a personal computer key to ensure invisible information are not shown.

Then it will create copies of itself known as Adult.exe, Sexy.exe, Security passwords.exe and Secret.exe moreover to developing a copy of itself for each genuine computer file and directory present on the volume.

The copies of the unique files and information will have their symbols set to the standard directory symbol in Microsoft windows 7.

In this screen shot you can see the unique files at the top displaying their Microsoft windows XP symbols and the cloned/Trojaned ones with the Microsoft windows seven symbols lower down.

The viruses seems to assume that you are not displaying additions, which is the standard in all produces of Microsoft windows.

Infected computer file discuss with additions and invisible information shownI can easily see how individuals browsing computer file stocks and USB pushes could unintentionally click the wrong directory, especially if the real files are set to invisible.

If we show additions and view all invisible information we see a very different picture.

In inclusion to the unique information and their impostors there are also information known as ..exe and …exe. The viruses is also known to write a zero byte computer file known as x.mpeg, although it did not do so in this test instance.

The viruses copies itself to the customer’s user profile using a unique computer file name and contributes a personal computer key to start the viruses on start.

Some versions are known to turn off Microsoft windows Upgrade to prevent the sufferer from receiving a spot or modified guidelines that may turn off it.

This entry was posted in spam news and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Nigerianspam.com is dedicated to all the hardworking people who have been scammed by the spammer or 419 scam frauds. Although our site concentrates on providing awareness of Nigerian 419 spam (scam), scam baiting, advance fee fraud, scam phising, also we deal with other types of fraud such as letter spam, e-mail scam, lottery spam as well. You can go through our scam baiting tips, it is just amazing way to deal with the spammer or scammer.

Nigerian Scam  |   419 Scam   |   Features of Scam  |   Mission  |   Research  |   Mail Archives  |   About Us   |   File A Complaint  |   Spam News  |   Origin Of Scam   |   Operation Of Scam   |   Consequences   |   Miscellaneous Scams   |   Scam Sites   |   FAQ   |   Contact Us  |   Scam Resources Links  |   Nigerian Scammers  |   Site Map  |   Mail Archives SiteMap  |   Scam Glossary  |   Scam Resources Books  |   Scam Checker Tool  |   Scam baiting   |   More Scam Sites  |  Scam Awareness Quiz  |   Celebrity Scam  |  Search Engine Genie  |   Bharat Udyog Ratna Award Scam Alert  |   Jeff Adams Real Estate Seminar   |   Russ Whitney Real Estate
free hit counter