I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
SVCHSOT.EXE – Backdoor Zegost removal
File | MD5 | Virus Alias |
---|---|---|
SVCHSOT.EXE | 2413c41526f1f4c1c88e9ac13e42cb07 | Backdoor Zegost |
SVCHSOT.EXE | 2413c41526f1f4c1c88e9ac13e42cb07 | Trojan BZub |
SVCHSOT.EXE | 2413c41526f1f4c1c88e9ac13e42cb07 | Trojan Eldorado |
SVCHSOT.EXE | 2413c41526f1f4c1c88e9ac13e42cb07 | Backdoor PcClien |
SVCHSOT.EXE | 2413c41526f1f4c1c88e9ac13e42cb07 | Trojan Agent |
SVCHSOT.EXE | 2413c41526f1f4c1c88e9ac13e42cb07 | Backdoor Farfli |
SVCHSOT.EXE size: 187392 bytes
SVCHSOT.EXE hash: 2413C41526F1F4C1C88E9AC13E42CB07
Created files:
C:\program files\common files\microsoft shared\msinfo\123.exe
C:\program files\common files\microsoft shared\msinfo\CrossFire_OBV187_Full_XFDL_signed.exe
C:\program files\common files\microsoft shared\msinfo\lsass.exe
C:\program files\common files\microsoft shared\msinfo\Server.exe
%TEMP%\1107000
%TEMP%\1107000.exe
%WinDir%\XXXXXX8F70D37A\svchsot.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\XXXXXX8F70D37A: %WinDir%\XXXXXX8F70D37A\svchsot.exe
Detected by UnHackMe:
SVCHSOT.EXE
Default location: %WinDir%\XXXXXX8F70D37A\SVCHSOT.EXE
Dropper information:
MD5: b0667f460e8c096fdae7ad9063143180
File size: 794624 bytes