VirTool:Win32/Obfuscator.XX Description

Microsft Windows has built-in essential security mechanisms that may notify PC users of a detected VirTool:Win32/Obfuscator.XX threat. Security experts note that the VirTool:Win32/Obfuscator.XX detection is a broad term that encompasses programs that are obfuscated deliberately to prevent runtime analysis and code execution prevention. Technically, VirTool:Win32/Obfuscator.XX may be a detection of ransomware, backdoor trojans, RATs, worms, viruses and trojan downloaders. Users that are presented with security alerts about VirTool:Win32/Obfuscator.XX should revise recently installed free programs, check their extension managers for suspicious additions and ensure that they are using the most recent version of Java and Adobe Flash Player. Given the broad spectrum of malware that could be detected as VirTool:Win32/Obfuscator.XX you should take into consideration that most cyber threats are propagated as attachments to spam mail, and you may want to check your Downloads folder.

VirTool:Win32/Obfuscator.XX may appear as an archive file but don't be fooled by its icon because it may have a double file extension and prove to be an executable program. The VirTool:Win32/Obfuscator.XX malware may contain the payload of threats like CrypVault and TorrentLocker that are famous for their obfuscation techniques. Advanced obfuscation methods can be seen in Xpiro and AutoIt/Fadef that could extract valuable credentials from infected systems. Computer users should employ the services of a renowned anti-malware solution to prevent malware in the VirTool:Win32/Obfuscator.XX category from running on their PC, steal valuable data and install other malware.

Aliases: Trojan.Win32.Scar!IK, TROJ_SPNR.06HI12, Artemis!D46F296693C7 [McAfee], Heuristic.LooksLike.Win32.Suspicious.F [McAfee-GW-Edition], TROJ_GEN.R4FCELM, Trojan.Win32.Heur.Gen, Packed_TheMida.B, Generic.grp!ec [McAfee], (Suspicious) - DNAScan [CAT-QuickHeal], W32/Black.A!tr [Fortinet], Trojan.Win32.Scar [Ikarus], Trojan.Packed.Libix.Gen.2 (B), TR/Dropper.Gen [AntiVir], Trojan.Packed!pyeRI8fN5Go and Win32:Banker-KBN [Trj] [Avast].

Technical Information

File System Details

VirTool:Win32/Obfuscator.XX creates the following file(s):
# File Name Size MD5 Detection Count
1 D:\Tally.ERP9\tally.exe 3,985,408 d0c60fae72ea3749f04b711b88230107 2,667
2 %PROGRAMFILES%\Pegasys Inc\TMPGEnc DVD Author 3 with DivX Authoring\TMPGEncDVDAuthor3.exe 4,357,632 fa491a0eb9cd1675e3d032cea2775c3f 56
3 %PROGRAMFILES%\CyberPlanet\actualizador.exe 999,144 1f6e2ff217ad06c4cb40d9964f41b3fd 45
4 %PROGRAMFILES%\Easy downloads\EasyDownloads.exe 825,368 f29e5a8475aace521e9993543754c786 36
5 %PROGRAMFILES%\LingvoSoft\LingvoSoft Talking Dictionary 2008 (English-Persian (Farsi)) for Windows\LDStub.exe 2,625,667 f897ad390168dfca209841fa8810841a 36
6 %WINDIR%firefox.exe 3,904,512 2ec3705b6072ec003732e4d99c28d9b4 11
7 %PROGRAMFILES(x86)%\Laser Controller\laser.exe 3,142,656 afb42069447d9c4164ba312deb5ce977 8
8 %WINDIR%temps.exe 2,837,504 7da2c02cdfca6f5499976224f6feb727 8
9 %COMMONPROGRAMFILES%\FwxhxiV\LwkxqdY.exe 1,592,832 33a6fa202f48c1b9042d6980ff4a62e5 5
10 %USERPROFILE%\Meus documentos\MISTURA DE RITIMOS 02\Amado Batista Alucinação.exe 1,489,408 20cedfad4359c817390dbdcc95f3ff3c 5
11 %WINDIR%\system32\ipsechlp.exe 397,400 30b2b3b7f3d3b37fea1113d00220fd8e 3
12 %ALLUSERSPROFILE%\Application Data\a740b0\PSa74_2247.exe 5,012,992 8e08b1e92a024386479c6bae9e70fae4 3
13 %LOCALAPPDATA%waconsts.dll 80,384 505d588b92a609931b07921345aa4add 2
14 %LOCALAPPDATA%nerACD.dll 90,112 c51b190e86e83e44697e292319437418 2
15 %ALLUSERSPROFILE%\DtykfmJ\IhgwkmT\GxvhdaB.exe 1,467,392 c5678e0508d6e4f5ed749e1419b62177 2
16 %APPDATA%\Microsoft\Windows\System\wchksys.exe 144,384 bb759d37432e6d5d744214eebf7346ef 2
17 %WINDIR%syst32.exe 2,455,552 a4270648b3e2496897cc5f300b435fa4 2
18 %WINDIR%tenthas.exe 2,692,608 dbfbcdded55eb8e4d9dbd492f91474a0 2
19 %WINDIR%mshicwer.dll 79,360 ae9ca423fdee3568885ae201104f2894 1
20 %ALLUSERSPROFILE%\882d3b\IA882_2211.exe 3,580,416 16dd0001a1c8b27ab4c2db3fcc3d0c61 1
21 %ALLUSERSPROFILE%\f8a188\IAf8a_2164.exe 3,579,904 2440c41dfe11f7ae1d3d3ee6f7b59523 1
22 %ALLUSERSPROFILE%\Dati applicazioni\8565c9\IA856_289.exe 3,583,488 0b5487b3f6c401dcdda00c75901d6b89 1
23 %ALLUSERSPROFILE%\96599e\IA965_302.exe 3,599,872 5dce68809f701a77de6eb3fa56c5b34d 1
24 %WINDIR%\Shell_Update\Shell_Update.exe 2,297,856 69276bab749f4f06e148031d68af92bf 1
25 %COMMONPROGRAMFILES%\Flash Player\000003B214FA9539.exe 1,548,800 63dbf019d5f1edf0abf53fc675fe6a72 1
26 %SystemDrive%\Recycle.Bin\B6232F3A65D.exe 224,256 c2ff997255f81a0042b6b58e20d1ddcc 1
More files

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.