CSRSS.EXE – Trojan Downloader

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

CSRSS.EXE – Trojan Downloader removal

FileMD5Virus Alias
CSRSS.EXE 243c1e7771ef0e99299ade452c29f032 Trojan Downloader
CSRSS.EXE 243c1e7771ef0e99299ade452c29f032 Trojan SuspiciousFile
CSRSS.EXE 243c1e7771ef0e99299ade452c29f032 Trojan Generic
CSRSS.EXE 243c1e7771ef0e99299ade452c29f032 Backdoor RBot
CSRSS.EXE 243c1e7771ef0e99299ade452c29f032 Trojan CI
CSRSS.EXE 243c1e7771ef0e99299ade452c29f032 Trojan Graftor

CSRSS.EXE size: 16384 bytes
CSRSS.EXE hash: 243C1E7771EF0E99299ADE452C29F032

Created files:

C:\1289100.dll
C:\windows\system32\dllcache\ws2help.dll
C:\windows\system32\drivers\420a0a1f.sys
C:\windows\system32\drivers\xpV3001.sys
C:\windows\system32\RpcSvc.psd
C:\windows\system32\ws2helpXP.dll
C:\windows\system32\wshtcpip.dll
C:\windows\Tasks\csrss.exe
C:\windows\temp\svohcst.exe
C:\windows\temp\temp1.exe
C:\windows\temp\temp2.exe
C:\windows\temp\temp3.exe
C:\windows\temp\temp4.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Download: C:\windows\temp\svohcst.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,%WinDir%\Tasks\csrss.exe?, |Q- |X- |2?`?Detected by UnHackMe:

CSRSS.EXE
Default location: %WinDir%\TASKS\CSRSS.EXE

Dropper information:
MD5: 0061ab968be10a5fdec3098f6289ec02
File size: 452624 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images