TEMP2.EXE – Trojan Artemis


TEMP2.EXE – Trojan Artemis removal

File       MD5                               Virus Alias
TEMP2.EXE  317277e39f7fa5b7a46073a9c1689d4f  Trojan Artemis
TEMP2.EXE  317277e39f7fa5b7a46073a9c1689d4f  Trojan SuspiciousFile
TEMP2.EXE  317277e39f7fa5b7a46073a9c1689d4f  Trojan XPACK
TEMP2.EXE  317277e39f7fa5b7a46073a9c1689d4f  Trojan Generic
TEMP2.EXE  317277e39f7fa5b7a46073a9c1689d4f  Trojan Click
TEMP2.EXE  317277e39f7fa5b7a46073a9c1689d4f  Trojan Eldorado

TEMP2.EXE size: 29184 bytes
TEMP2.EXE hash: 317277E39F7FA5B7A46073A9C1689D4F

Created files:

C:\3238300.dll
C:\windows\System32\RpcSvc.psd
C:\windows\Tasks\csrss.exe
C:\windows\temp\svohcst.exe
C:\windows\temp\temp1.exe
C:\windows\temp\temp2.exe
C:\windows\temp\temp3.exe
C:\windows\temp\temp4.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Download: C:\windows\temp\svohcst.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,%WinDir%\Tasks\csrss.exe

Detected by UnHackMe:

TEMP2.EXE
Default location: %TEMP%\TEMP2.EXE

Dropper information:
MD5: 845b0945d5fe0e0aaa16234dc21484e0
File size: 475152 bytes
