W32.Fakerecy


Aliases: WORM_VB.BDN, FakeRecycled, Trojan.VB.XFZ, Worm.Autorun.DU, Trojan.VB!sd5
Variants: Trojan.Win32.VB.aqt

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: Moderate
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 18 Jan 2007
Damage: Low

Characteristics: W32.Fakerecy is among the virus that spreads itself to several removable drives and mapped drives. It’s also a self installer worm which also drops other parasites that may further damage your computer. It will use up all the space of your hard drive as it continuously copies itself multiple times. Once executed, the worm creates the following files: autorun.inf, desktop.ini, INFO2, ctfmon.ex, desktop.ini, ctfmon.exe.

More details about W32.Fakerecy

The worm then spreads by copying itself with the hidden and system attributes set to a fake Recycled folder. As it multiplies, it takes up space and this space becomes unusable while memory space is also lessened. This causes the computer or system to slow down and render the system inoperable. The virus sometimes changes the boot sector and this could result in the inability of the computer to run.

Expert users claimed that this malware, or those under the same category, is the one used by adware programs and viruses to spread its components to other machines. The backdoor may be used as a means of handling outgoing transmission used for infection. These may involve connecting to a Web server for the download and installation of malicious programs, file retrieval, updating malware or adware components, and other functions that require remote access. The backdoor created by this program may also be used by remote users to infiltrate the system for identity theft. Malicious users can use this invisible access point as a means to retrieve files or to scout the system for stealing important user information.