Trojan.Win32.Agent.crhz

By Sumo3000 in Trojans

Translate To:

Trojan.Win32.Agent.crhz is able to penetrate a computer system and modify the registry to ensure that it's loaded with each system start-up. Trojan.Win32.Agent.crhz exploits security holes and system vulnerabilities to enter a system. Trojan.Win32.Agent.crhz may be involved in the promotion and spread of a certain rogue anti-spyware programs. Trojan.Win32.Agent.crhz may also make an infected PC vulnerable to other malware attacks by opening a conduit through which an attacker can gain remote access. Trojan.Win32.Agent.crhz should be eradicated once detected.

Table of Contents

Aliases

2 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
-	Win32/Dzan.E
-	Trojan:Win32/Obvesa.A

File System Details

Trojan.Win32.Agent.crhz may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%Windir%\INETINFO.exe
Name: %Windir%\INETINFO.exe Type: Executable File
2.	%Windir%\messenger\messenger.exe
Name: %Windir%\messenger\messenger.exe Type: Executable File
3.	%System%\temp.dll
Name: %System%\temp.dll Type: Dynamic link library
4.	%System%\Setup\licxnoc.dll
Name: %System%\Setup\licxnoc.dll Type: Dynamic link library
5.	%Windir%\inf\pp3.inf
Name: %Windir%\inf\pp3.inf
6.	%ProgramFiles%\Windows NT\fsdd.log
Name: %ProgramFiles%\Windows NT\fsdd.log

Registry Details

Trojan.Win32.Agent.crhz may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netra\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETRA\0000\Control]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netra\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETRA\0000\Control]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netra\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETRA\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netra\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETRA\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netra]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETRA]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netra]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETRA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Trojan.Win32.Agent.crhz

Aliases

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen