What is virtool.vbs.jap... ?
2ATtheBus
June 11th, 2008, 08:00 AM
BitDefender found three files 'infected' with virtool.vbs.jap and 'deleted' them - have not found any info on the web about what this might be and whether it is indeed a threat... ?
Thanks for help...
bigc73542
June 11th, 2008, 08:24 AM
It seems to be a whole family of malware. Here is a list of the variants. It seems it is likely a rootkit in some of its variants.
http://www.viruslist.com/en/viruses/encyclopedia?virusid=55457
2ATtheBus
June 11th, 2008, 08:35 AM
Thanks so much - any information on what this type of malware does, or can do... ?
NOD32 did not find it, so was wondering how this might have affected the computer, while it has been living there... ?
The three files were kind of important, and they are backed up on an external drive - can they be cleaned of this malware and re-accessed...?
Have been concerned lately about possible keylogging - and whether NOD32 can identify those... ?
Sorry hope this is not jumping around too much... :-)
bigc73542
June 11th, 2008, 08:37 AM
Check this Dr.Web link for some more info: http://info.drweb.com/search/?q=virtool&searchin=virlib
kinwolf
June 11th, 2008, 01:45 PM
The virtool family is not a virus or rootkit, it's simply a family of "tools" to create or instruct or some other stuff that doesn't fall in a virus category. As an example, a password decoder for RDP files that I downloaded lately was detected as a virtool.8354.
In your case it seems BD thought those files were some manual for creating worms or trojans. Might be a false positive in this case, maybe upload them to VirusTotal to make sure?
Also, you might want to change BD's behavior to quarantine infected files instead of deleting them, so that if you get a false positive, you can get the files back.
Hope this helps
bigc73542
June 11th, 2008, 08:37 PM
-{ Quote: "The virtool family is not a virus or rootkit, it's simply a family of "tools" to create or instruct or some other stuff that doesn't fall in a virus category. As an example, a password decoder for RDP files that I downloaded lately was detected as a virtool.8354.
In your case it seems BD thought those files were some manual for creating worms or trojans. Might be a false positive in this case, maybe upload them to VirusTotal to make sure?
Also, you might want to change BD's behavior to quarantine infected files instead of deleting them, so that if you get a false positive, you can get the files back.
Hope this helps" }-
That seems to contradict several of the major AV companies concerning the virtool family.
2ATtheBus
June 13th, 2008, 08:35 AM
Thank you - what do the major AV companies say about this virtool... ?
Still trying to make a decision on how to deal with the backup copies...
Not sure about uploading personal files to 'virustotal' website... ?
bigc73542
June 15th, 2008, 09:15 AM
-{ Quote: "Thank you - what do the major AV companies say about this virtool... ?
Still trying to make a decision on how to deal with the backup copies...
Not sure about uploading personal files to 'virustotal' website... ?" }-
I found my info through Google. But the info I found seems to indicate that Virtools are hacker-related, such as trojans and other malware along with trojan construction tools. Kaspersky has some good info on the subject: http://www.viruslist.com/en/viruses/encyclopedia?virusid=55457 and here: http://www.viruslist.com/en/find?search_mode=full&words=VirTool&x=18&y=9
Copyright ©2002 - 2012, Wilders Security Forums