Avira Virus Lab

‹ Back

TR/Obfuscate.696770

Summary
  • Name
    TR/Obfuscate.696770
  • Date discovered
    Oct 1, 2015
  • VDF version
    7.11.234.92 (2015-05-22 01:03)
Description

The term 'TR' denotes a trojan horse that is able to spy out data, violate your privacy, or perform unwanted modifications to the system.

  • VDF
    7.11.234.92 (2015-05-22 01:03)
  • Aliases
    AVG: Crack.MG
    F-PROT: W32/Agent.KFY (exact, not disinfectable)
    Microsoft: Trojan:Win32/Dorv.B!rfn
    G Data: Dropped:Application.Patcher.Q
    ESET: Win32/HackTool.Patcher.AD potentially unsafe application
  • Files
    The following files are deleted:
    • %TEMPDIR%\RarSFX0\__tmp_rar_sfx_access_check_110468
    The following files are created:
    • %TEMPDIR%\RarSFX0\__tmp_rar_sfx_access_check_110468
    • %TEMPDIR%\RarSFX0\setup.exe
    • %APPDATA%\Microsoft\Protect\S-1-5-21-602162358-879983540-682003330-1003\c7a17232-72d3-4e13-ba3b-371094f4dc51
    The following files are changed:
    • %APPDATA%\Microsoft\Protect\CREDHIST
    • %APPDATA%\Microsoft\Protect\S-1-5-21-602162358-879983540-682003330-1003\Preferred