Follow:

You have been re-routed to the VirTool:Win32/VBInject.TE write up because VirTool%3aWin32%2fVBInject.TE has been renamed to VirTool:Win32/VBInject.TE
 

VirTool:Win32/VBInject.TE


VirTool:Win32/VBInject.TE is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.


What to do now

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.

Threat behavior

VirTool:Win32/VBInject.TE is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
 
A malicious file is generally encrypted and/or compressed and stored inside another program, which decodes the malicious file and loads it. The malicious program may be injected into a clean process or loaded in a new process of its own. Unlike a “dropper”, the malicious executable is never written to disk as a separate file.
 
Malicious programs detected as VirTool:Win32/VBInject.TE can have virtually any purpose, as this technique is utilized by many different malware families in the wild in order to protect them from detection or analysis.

Symptoms

VirTool:Win32/VBInject.TE is a generic detection for certain forms of obfuscated malware. The loader is written in Visual Basic and the malicious code is stored encrypted. The original file behaves as a loader for the encrypted malicious code, thus the code could have virtually any purpose.
 
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.

Prevention


Alert level: Severe
First detected by definition: 1.115.2321.0
Latest detected by definition: 1.173.2181.0 and higher
First detected on: Nov 21, 2011
This entry was first published on: Dec 14, 2011
This entry was updated on: Dec 15, 2011

This threat is also detected as:
No known aliases