SVCHOST.EXE – Trojan Xema

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SVCHOST.EXE – Trojan Xema removal

FileMD5Virus Alias
SVCHOST.EXE 95ef47e68583b76b1527148e3ebacbab Trojan Xema
SVCHOST.EXE 95ef47e68583b76b1527148e3ebacbab Trojan Hllw
SVCHOST.EXE 95ef47e68583b76b1527148e3ebacbab Trojan Agent

SVCHOST.EXE size: 46592 bytes
SVCHOST.EXE hash: 95EF47E68583B76B1527148E3EBACBAB

Created files:

C:\Recycled\CTFMON.EXE
C:\Recycled\SMSS.EXE
C:\Recycled\SPOOLSV.EXE
C:\Recycled\SVCHOST.EXE

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: C:\recycled\SVCHOST.exe,
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe “C:\recycled\SVCHOST.exe”

Detected by UnHackMe:

SVCHOST.EXE
Default location: C:\RECYCLED\SVCHOST.EXE

Dropper information:
MD5: 0e947329d9c3b9973e46c56c504f540e
File size: 46592 bytes

Leave a Reply