I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
SVCHOOST.EXE – Trojan Agent removal
| File | MD5 | Virus Alias |
|---|---|---|
| SVCHOOST.EXE | bb2e482ad846d9580af1fe199564e92e | Trojan Agent |
| SVCHOOST.EXE | bb2e482ad846d9580af1fe199564e92e | Trojan Artemis |
| SVCHOOST.EXE | bb2e482ad846d9580af1fe199564e92e | Trojan Generic |
| SVCHOOST.EXE | bb2e482ad846d9580af1fe199564e92e | Trojan Click |
| SVCHOOST.EXE | bb2e482ad846d9580af1fe199564e92e | Trojan Eldorado |
| SVCHOOST.EXE | bb2e482ad846d9580af1fe199564e92e | Backdoor RBot |
SVCHOOST.EXE size: 53760 bytes
SVCHOOST.EXE hash: BB2E482AD846D9580AF1FE199564E92E
Created files:
%WinDir%\svchoost.exe
%SysDir%\gei33.dll
%SysDir%\hgzlgm.exe
%Temp%\zhunquel.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run : 43003A005C00570049004E0044004F00570053005C0073007600630068006F006F00730074002E006500780065000000
HKLM\System\CurrentControlSet\Services\netscvre\Type: 10000000
HKLM\System\CurrentControlSet\Services\netscvre\Start: 02000000
HKLM\System\CurrentControlSet\Services\netscvre\DisplayName: NT LM Security Support Providers
HKLM\System\CurrentControlSet\Services\netscvre\ImagePath: %WinDir%\System32\hgzlgm.exe
HKLM\System\CurrentControlSet\Services\netscvre\Description: NT LM Security Support Providers
Detected by UnHackMe:
SVCHOOST.EXE
Default location: %WinDir%\SVCHOOST.EXE
Dropper information:
MD5: 64c1ca809f3bd60278231c983407309d
File size: 92160 bytes