Solved! Use SYSHOST.EXE (Trojan Artemis) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SYSHOST.EXE – Trojan Artemis removal

FileMD5Virus Alias
SYSHOST.EXE 4e75e649d227590f5cf5ac9fea3d55e2 Trojan Artemis
SYSHOST.EXE 4e75e649d227590f5cf5ac9fea3d55e2 Trojan SuspiciousFile
SYSHOST.EXE 4e75e649d227590f5cf5ac9fea3d55e2 Trojan XPACK
SYSHOST.EXE 4e75e649d227590f5cf5ac9fea3d55e2 Trojan Generic
SYSHOST.EXE 4e75e649d227590f5cf5ac9fea3d55e2 Trojan Downloader
SYSHOST.EXE 4e75e649d227590f5cf5ac9fea3d55e2 Trojan CI

SYSHOST.EXE size: 72192 bytes
SYSHOST.EXE hash: 4E75E649D227590F5CF5AC9FEA3D55E2

Created files:

%WinDir%\Installer\{3D6DE1B4-6B06-6DD2-C80B-80A62A442327}\syshost.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\syshost32\Type: 10000000
HKLM\System\CurrentControlSet\Services\syshost32\Start: 02000000
HKLM\System\CurrentControlSet\Services\syshost32\ImagePath: “%WinDir%\Installer\{3D6DE1B4-6B06-6DD2-C80B-80A62A442327}\syshost.exe” /service

Detected by UnHackMe:

SYSHOST.EXE
Default location: %WinDir%\INSTALLER\{3D6DE1B4-6B06-6DD2-C80B-80A62A442327}\SYSHOST.EXE

Dropper information:
MD5: 4e75e649d227590f5cf5ac9fea3d55e2
File size: 72192 bytes

Leave a Reply