Avira Virus Lab

‹ Back

TR/Symmi.329728.1

Summary
  • Name
    TR/Symmi.329728.1
  • Date discovered
    Oct 1, 2015
  • VDF version
    7.11.207.110 (2015-02-05 04:01)
Description

The term 'TR' denotes a trojan horse that is able to spy out data, violate your privacy, or perform unwanted modifications to the system.

  • VDF
    7.11.207.110 (2015-02-05 04:01)
  • Aliases
    Avast: Win32:Malware-gen
    AVG: Downloader.Generic14.NNP
    G Data: Gen:Variant.Symmi.46163
    Kaspersky Lab: HEUR:Trojan.Win32.Generic
    Bitdefender: Gen:Variant.Symmi.46163
    ESET: Win32/TrojanDownloader.Delf.SGO trojan
  • Files
    The following files are changed:
    • %temporary internet files%\Content.IE5\index.dat
    • %USERPROFILE%\Cookies\index.dat
    • %USERPROFILE%\Local Settings\History\History.IE5\index.dat
    The following files are created:
    • %temporary internet files%\Content.IE5\A9SFWXZG\Workprorsesaopau12[1].gif
    • %DISKDRIVE%\Documents and Settings\All Users\winfac.gif
  • Registry
    The following registry entries are added:
    • HKEY_CURRENT_CONFIG\Software\Microsoft\windows\CurrentVersion\Internet Settings ("ProxyEnable": dword:00000000)
  • HTTP Requests
    • p.*****du.com/nmgif.gif
    • www.*****e.org.br/E32erdce0814/Workprorsesaopau12.gif