I ran a virus scan just now, and it came up with 1 detected virus. The name of the virus is "Gen:Variant.Symmi.6784 (1)".
What kind of virus is this? (Keylogger, Trojan Horse, etc).
Three answers:
Pinkie
2013-03-14 06:06:33 UTC
First: this is a generic signature that matches in your AV program.
Looking at the IAT I would say it is a dropper of some kind calling VirtualProtect, LoadLibraryA and VirtualAlloc.
Educated guess is VirtualProtect is used for gaining heightened privileges and then allocating space for some payload. Payload can be anything, most presumably something modern, as is implied by the signature being only a week old.
But most malware authors/kit users will want to earn money with it, so it will most likely be something to steal passwords, subvert online banking or mine bitcoins...
William
2016-08-22 08:21:34 UTC
2
Nunya
2013-03-13 16:37:29 UTC
Keylogger and trojan are not viruses...
A keylogger is spyware
a trojan is a trojan
That being said, it is just a generic malware (not even necessarily a virus. Virus scanners scan for both viruses and malware, not just viruses.
For more info on terminology:
http://en.wikipedia.org/wiki/Malware
ⓘ
This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.