SVCHOST.EXE – Trojan Artemis

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SVCHOST.EXE – Trojan Artemis removal

FileMD5Virus Alias
SVCHOST.EXE 8de1f13ae5b1d6248b9d88c06dcfc0dc Trojan Artemis
SVCHOST.EXE 8de1f13ae5b1d6248b9d88c06dcfc0dc Trojan SuspiciousFile
SVCHOST.EXE 8de1f13ae5b1d6248b9d88c06dcfc0dc Trojan PAK_Generic
SVCHOST.EXE 8de1f13ae5b1d6248b9d88c06dcfc0dc Trojan Downloader
SVCHOST.EXE 8de1f13ae5b1d6248b9d88c06dcfc0dc Trojan Agent

SVCHOST.EXE size: 19456 bytes
SVCHOST.EXE hash: 8DE1F13AE5B1D6248B9D88C06DCFC0DC

Created files:

%WinDir%\svchost.exe
%SysDir%\drivers\ahnurla.sys

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\ahnurla\Type: 01000000
HKLM\System\CurrentControlSet\Services\ahnurla\Start: 02000000
HKLM\System\CurrentControlSet\Services\ahnurla\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ahnurla\DisplayName: ahnurla
HKLM\System\CurrentControlSet\Services\ahnurla\ImagePath: %WinDir%\System32\drivers\ahnurla.sys

Detected by UnHackMe:

SVCHOST.EXE
Default location: %WinDir%\SVCHOST.EXE

Dropper information:
MD5: 12f3081357e43dc101037dbe7907f827
File size: 100864 bytes

Leave a Reply