
Virus.Win32.VBInject

Posted: July 26, 2010

Threat Metric

Threat Level: 8/10
Infected PCs: 2,340
First Seen: November 30, 2010
Last Seen: July 27, 2022
OS(es) Affected: Windows

Virus.VBInject is a generic name for virus threats that obscure their code to avoid being detected. As an overall package that protects internal code, Virus.Win32.VBInject can be configured to perform almost any kind of malicious attack. Some common types of Virus.VBInject attacks include disabling Windows security programs, installing malicious programs, restricting your use of user account settings and abusing the Windows Registry to allow Virus.VBInject to start whenever Windows starts. The extreme variability of any possible Virus.Win32.VBInject infection means that you should assume that this threat is potentially urgent and needs to be removed using the best anti-malware software that's at your disposal.

Virus.VBInject: The Wrapper Around a Not-So-Tasty Payload

The Virus.VBInject label may be used for virtually any threat that uses a common method of obscuring its code. This concealment tactic uses Visual Basic to create a loader that can hold almost any sort of malicious code. Since the internal code is encrypted, Virus.VBInject may avoid being detected by otherwise effective security programs.

What distinguishes a Virus.VBInject threat from a standard Trojan is the fact that the internal payload is never installed in the form of a separate program. Instead, Virus.VBInject keeps the code internal while running it, ensuring that Virus.VBInject's payload remains hidden both before and after installation.

A brief sampling of some of the Virus.VBInject threats includes VirTool:Win32/VBInject.gen!CR, VirTool:Win32/VBInject.gen!E, VirTool:Win32/VBInject.gen!BZ, VirTool:Win32/VBInject.gen!DN and VirTool:Win32/VBInject.gen!EE. Many of these variants of Virus.Win32.VBInject and others have been seen attacking PCs as late as 2011 and may require fully-updated software to be removed.

Some Common Virus.VBInject Attacks to Parry Away from Your PC

Unfortunately, Virus.VBInject infections don't have any set symptoms that would allow you to identify them. On the contrary, many types of Virus.VBInject will inject their code into the memory of native processes and avoid showing any signs of their presence.

However, some Virus.VBInject attacks are more common than others, and can include:

  • Some variants of Virus.Win32.VBInject will attempt to disable security-related Windows features, including your UAC or User Account Control features and the Windows Firewall.
  • Many forms of Virus.VBInject that have been seen attacking the Windows Firewall are also known for downloading and installing other harmful programs onto your PC. This can include keyloggers that record keyboard input, rogue security programs that create fake infection warnings, worms, viruses and other Trojans.

The vast number of possible Virus.Win32.VBInject threats makes manually removing Virus.VBInject an exceptionally difficult chore. Instead of trying to identify and delete all Virus.VBInject components without help, you are strongly encouraged to use an anti-malware program. Update your software before scanning your computer and launch your system scans in Safe Mode to maximize the chance of removing Virus.VBInject.


Aliases

  • Bck/Bifrost.gen [Panda]
  • Generic24.CMYK [AVG]
  • W32/Menti.HYVE!tr [Fortinet]
  • Trojan.Win32.Buzus [Ikarus]
  • Trojan/Win32.Buzus [AhnLab-V3]
  • Trojan:Win32/Bumat!rts [Microsoft]
  • Win32/Buzus.AFK [eTrust-Vet]
  • TR/Buzus.aktb [AntiVir]
  • BackDoor.Bifrost.23284 [DrWeb]
  • Gen:Variant.Kazy.22934 [F-Secure]
  • Gen:Variant.Kazy.30447 [BitDefender]
  • Trojan.Win32.Menti.hyve [Kaspersky]
  • Trojan.Menti-39 [ClamAV]
  • Win32:Bifrose-FEI [Trj] [Avast]
  • W32/Buzus.O.gen!Eldorado [F-Prot]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:


