SVSCHOST.EXE – Trojan Artemis

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

SVSCHOST.EXE – Trojan Artemis removal

FileMD5Virus Alias
SVSCHOST.EXE 61445d6835ee70c74afd526593bf13d8 Trojan Artemis
SVSCHOST.EXE 61445d6835ee70c74afd526593bf13d8 Trojan SuspiciousFile
SVSCHOST.EXE 61445d6835ee70c74afd526593bf13d8 Trojan Generic
SVSCHOST.EXE 61445d6835ee70c74afd526593bf13d8 Trojan CI

SVSCHOST.EXE size: 41472 bytes
SVSCHOST.EXE hash: 61445D6835EE70C74AFD526593BF13D8

Created files:

C:\ProgramData\stppthmain\stppthmain.dll
%SysDir%\cfwin32.dll
%SysDir%\csrss32.dll
%SysDir%\csrss64.dll
%SysDir%\default2.sfx
%SysDir%\NoSafeMode.dll
%SysDir%\nsf.exe
%SysDir%\sdelete.dll
%SysDir%\svschost.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\NIaSvc\Type: 10000000
HKLM\System\CurrentControlSet\Services\NIaSvc\Start: 02000000
HKLM\System\CurrentControlSet\Services\NIaSvc\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NIaSvc\DisplayName: Network Locatlon Awareness
HKLM\System\CurrentControlSet\Services\NIaSvc\ImagePath: %WinDir%\System32\svschost.exe

Detected by UnHackMe:

SVSCHOST.EXE
Default location: %SYSDIR%\SVSCHOST.EXE

Dropper information:
MD5: 77db77abd031b91ca4d00d3fc7f8e241
File size: 583261 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images