SVCHOST.EXE – Trojan Agent

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SVCHOST.EXE – Trojan Agent removal

FileMD5Virus Alias
SVCHOST.EXE 145319b88c8f4305ed6a22e5d067aa6c Trojan Agent
SVCHOST.EXE 145319b88c8f4305ed6a22e5d067aa6c Suspicious File
SVCHOST.EXE 145319b88c8f4305ed6a22e5d067aa6c Trojan Artemis
SVCHOST.EXE 145319b88c8f4305ed6a22e5d067aa6c Trojan Generic
SVCHOST.EXE 145319b88c8f4305ed6a22e5d067aa6c Trojan MulDrop4
SVCHOST.EXE 145319b88c8f4305ed6a22e5d067aa6c Trojan CI

SVCHOST.EXE size: 582656 bytes
SVCHOST.EXE hash: 145319B88C8F4305ED6A22E5D067AA6C

Created files:

%Program Files Common%\Microsoft Shared\DAO\svchost.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\IPV4TPSSFilterHelper\Type: 10010000
HKLM\System\CurrentControlSet\Services\IPV4TPSSFilterHelper\Start: 02000000
HKLM\System\CurrentControlSet\Services\IPV4TPSSFilterHelper\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\IPV4TPSSFilterHelper\DisplayName: IPv4 provides ability to share TCP ports over the net.tcp protocol.
HKLM\System\CurrentControlSet\Services\IPV4TPSSFilterHelper\ImagePath: %Program Files Common%\Microsoft Shared\DAO\svchost.exe -k netsvcs -s

Detected by UnHackMe:

SVCHOST.EXE
Default location: %PROGRAM FILES COMMON%\MICROSOFT SHARED\DAO\SVCHOST.EXE

Dropper information:
MD5: 145319b88c8f4305ed6a22e5d067aa6c
File size: 582656 bytes

Leave a Reply