Troj/Agent-GTN is a Trojan for the Windows platform.
When Troj/Agent-GTN is installed the following files are created:
%System%\hrpdcf.bin (harmless data file, can be deleted)
%System%\mp3res.dll (detected as Troj/Agent-GTN)
%System%\xprot.sys (detected as Troj/Agent-GTN)
The following registry entries are created to run code exported by mp3res.dll on startup:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mp3res
DllName
mp3res.dll0
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mp3res
Startup
mp3res
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mp3res
When Troj/Agent-GTN is installed the following files are created:
%System%\hrpdcf.bin (harmless data file, can be deleted)
%System%\mp3res.dll (detected as Troj/Agent-GTN)
%System%\xprot.sys (detected as Troj/Agent-GTN)
The following registry entries are created to run code exported by mp3res.dll on startup:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mp3res
DllName
mp3res.dll0
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mp3res
Startup
mp3res
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mp3res
LibreOffice
Firefox
No comments:
Post a Comment