CSRSS.EXE – Trojan Artemis

Alex NightWatcher

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

CSRSS.EXE – Trojan Artemis removal

File	MD5	Virus Alias
CSRSS.EXE	7b86a3340917ff27b310c19881af5cb0	Trojan Artemis
CSRSS.EXE	7b86a3340917ff27b310c19881af5cb0	Trojan DLOADER
CSRSS.EXE	7b86a3340917ff27b310c19881af5cb0	Trojan SuspiciousFile
CSRSS.EXE	7b86a3340917ff27b310c19881af5cb0	Trojan Generic
CSRSS.EXE	7b86a3340917ff27b310c19881af5cb0	Backdoor RBot
CSRSS.EXE	7b86a3340917ff27b310c19881af5cb0	Trojan Downloader

CSRSS.EXE size: 90112 bytes
CSRSS.EXE hash: 7B86A3340917FF27B310C19881AF5CB0

Created files:

C:\3238300.dll
C:\windows\System32\RpcSvc.psd
C:\windows\Tasks\csrss.exe
C:\windows\temp\svohcst.exe
C:\windows\temp\temp1.exe
C:\windows\temp\temp2.exe
C:\windows\temp\temp3.exe
C:\windows\temp\temp4.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Download: C:\windows\temp\svohcst.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,%WinDir%\Tasks\csrss.exe?, |Q- |X- |2???Detected by UnHackMe:

CSRSS.EXE
Default location: %WinDir%\TASKS\CSRSS.EXE

Dropper information:
MD5: ca33e1826f8d03ed2c11fba563ca3bbb
File size: 4207 bytes

Leave a Reply Cancel reply

You must be logged in to post a comment.