« Application.Apophis_Spy
Trojan.RogueAV.a.gen »

Trojan.Win32.Agent.crhz

No Comments
Sumo3000 By Sumo3000 in Trojans | 8 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Translate To:     Español  |   Português

Trojan.Win32.Agent.crhz Description

Trojan.Win32.Agent.crhz is able to penetrate a computer system and modify the registry to ensure that it’s loaded with each system start-up. Trojan.Win32.Agent.crhz exploits security holes and system vulnerabilities to enter a system. Trojan.Win32.Agent.crhz may be involved in the promotion and spread of a certain rogue anti-spyware programs. Trojan.Win32.Agent.crhz may also make an infected PC vulnerable to other malware attacks by opening a conduit through which an attacker can gain remote access. Trojan.Win32.Agent.crhz should be eradicated once detected.

Type: Trojans

Aliases: Trojan:Win32/Obvesa.A (Microsoft), Win32/Dzan.E (AhnLab).

How Can You Detect Trojan.Win32.Agent.crhz?

 
 

Download SpyHunter’s Detection Scanner
to Detect Trojan.Win32.Agent.crhz.

 
 

Trojan.Win32.Agent.crhz Technical Report

As new Trojan.Win32.Agent.crhz details are reported by our customers and findings from our Threat Research Center, we will update this section.

Trojan.Win32.Agent.crhz’s Country of Origin:

  • China

Trojan.Win32.Agent.crhz has typically the following processes in memory:

  • %Windir%\INETINFO.exe
  • %Windir%\messenger\messenger.exe
  • %System%\temp.dll
  • %System%\Setup\licxnoc.dll

Trojan.Win32.Agent.crhz creates the following registry entries:

  • [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netra\Enum]
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETRA\0000\Control]
  • [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netra\Enum]
  • [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETRA\0000\Control]
  • [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent]
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netra\Security]
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETRA\0000]
  • [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netra\Security]
  • [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETRA\0000]
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netra]
  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETRA]
  • [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netra]
  • [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETRA]
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 12/9/09 and is filed under Trojans. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Popular Malware

Track Malware Around the World

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs

Follow Us on Twitter

Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Additional Terms and Conditions
Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.