WINSVCHOST.EXE – Trojan Generic.KD


WINSVCHOST.EXE – Trojan Generic.KD removal

File            MD5                               Virus Alias
WINSVCHOST.EXE  1f27979d5ba770c13be756c577de6d81  Trojan Generic.KD
WINSVCHOST.EXE  1f27979d5ba770c13be756c577de6d81  Trojan Btcmine
WINSVCHOST.EXE  1f27979d5ba770c13be756c577de6d81  Trojan Dropper.Generic7
WINSVCHOST.EXE  1f27979d5ba770c13be756c577de6d81  Trojan Generic
WINSVCHOST.EXE  1f27979d5ba770c13be756c577de6d81  Trojan CoinMiner
WINSVCHOST.EXE  1f27979d5ba770c13be756c577de6d81  Trojan Agent

WINSVCHOST.EXE size: 291840 bytes
WINSVCHOST.EXE hash: 1F27979D5BA770C13BE756C577DE6D81

Created files:

%Temporary Internet Files%\Content.IE5\9ZXDM8KN\phatk[1].cl
%SysDir%\config\systemprofile\My Documents\Windows\B\miner.dll
%SysDir%\config\systemprofile\My Documents\Windows\B\phatk.cl
%SysDir%\config\systemprofile\My Documents\Windows\B\phatk.ptx
%SysDir%\config\systemprofile\My Documents\Windows\B\usft_ext.dll
%SysDir%\config\systemprofile\My Documents\Windows\B\winsvchost.exe
%SysDir%\config\systemprofile\My Documents\Windows\U\miner.dll
%SysDir%\config\systemprofile\My Documents\Windows\U\phatk.cl
%SysDir%\config\systemprofile\My Documents\Windows\U\phatk.ptx
%SysDir%\config\systemprofile\My Documents\Windows\U\usft_ext.dll
%SysDir%\config\systemprofile\My Documents\Windows\U\winx.exe

Detected by UnHackMe:

WINSVCHOST.EXE
Default location: %SYSDIR%\CONFIG\SYSTEMPROFILE\MY DOCUMENTS\WINDOWS\B\WINSVCHOST.EXE

Dropper information:
MD5: c9af110d33e56ddc454d0193c85f6991
File size: 47104 bytes
