Troj/Agent-GXG is a Trojan for the Windows platform.

When run Troj/Agent-GXG will copy itself to the systemroot folder and will delete the copy of itself from its original location on the file system.

Troj/Agent-GXG will then set registry entries under the key:


HKLM\SOFTWARE\Microsoft\active setup\Installed components\{43564368-4375-8601-4371-458454791235\

Troj/Agent-GXG will periodically start an instance of Internet Explorer and attempt to connect to a remote URL.

More information can be found at this Sophos page.