» svchost.exe
Overview
Analysis
File Details

svchost.exe

The executable svchost.exe has been detected as malware by 23 anti-virus scanners. Although this file uses the name svchost.exe, this is NOT the Windows SvcHost (Service Host) distributed with the OS.

File name:

svchost.exe

MD5:

9215c994051ac7ba50b577b50c460ada

SHA-1:

d67548bef1e65292bdf5a84dea5f1e7f4f2c6d79

Scanner detections:

23 / 68

Status:

Malware

Analysis date:

4/28/2024 10:23:06 PM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Win-Trojan/Agent.139264.GD

5.0.

Avira AntiVirus

TR/Agent.bktb

7.9.0.180

Emsisoft A-Squared

Trojan.Win32.Agent!IK

4.0.0.101

avast!

Win32:Trojan-gen {Other}

2014.9-170314

AVG

Agent

2018.0.2439

Bitdefender

Trojan.Generic.1406751

1.0.20.365

Clam AntiVirus

Trojan.Agent-86956

0.98/171

Comodo Security

TrojWare.Win32.Agent.bktb

1199

ESET NOD32

Win32/Agent.OWF

11.4132

F-Secure

Trojan.Win32.Agent.bktb

11.2017-14-03_3

G Data

Trojan.Generic.1406751

17.3.19

K7 AntiVirus

Trojan.Win32.Agent.bktb

13.7.10.754

Kaspersky

Trojan.Win32.Agent

14.0.0.-1308

McAfee

Downloader-BOR

5600.6095

Microsoft Security Essentials

TrojanDropper:Win32/Vtimrun.B

1.163.1557.0

Norman

W32/Agent.LUUB

11.20170314

nProtect

Trojan/W32.Agent2.139264

2009.1.8.0

Panda Antivirus

Trj/Downloader.MDW

17.03.14.12

Prevx

High Risk Cloaked Malware

3.0

Quick Heal

Trojan.Agent.bktb

3.17.10.00

Sophos

Mal/Generic-A

4.42

Vba32 AntiVirus

BScope.Dropper.Gen.18

3.12.10.6

ViRobot

Spyware.Agent.139264.G

2009.6.4.1769

File size:

136 KB (139,264 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Documents and Settings\{user}\Local settings\temp\svchost.exe

File PE Metadata

Compilation timestamp:

1/10/2009 6:44:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0x3C00

Entry point:

E8, E6, 33, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 83, EC, 08, 89, 7D, FC, 89, 75, F8, 8B, 75, 0C, 8B, 7D, 08, 8B, 4D, 10, C1, E9, 07, EB, 06, 8D, 9B, 00, 00, 00, 00, 66, 0F, 6F, 06, 66, 0F, 6F, 4E, 10, 66, 0F, 6F, 56, 20, 66, 0F, 6F, 5E, 30, 66, 0F, 7F, 07, 66, 0F, 7F, 4F, 10, 66, 0F, 7F, 57, 20, 66, 0F, 7F, 5F, 30, 66, 0F, 6F, 66, 40, 66, 0F, 6F, 6E, 50, 66, 0F, 6F, 76, 60, 66, 0F, 6F, 7E, 70, 66, 0F, 7F, 67, 40, 66, 0F, 7F, 6F, 50, 66, 0F, 7F, 77, 60, 66, 0F, 7F, 7F, 70, 8D, B6, 80, 00, 00, 00, 8D, BF... 
[+]

Code size:

42.5 KB (43,520 bytes)

Remove svchost.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.