How to remove svchost.exe.exe

svchost.exe.exe

The module svchost.exe.exe has been detected as Risk.CoinMiner

svchost.exe.exe
Remove svchost.exe.exe

File Details

MD5: 199832ac4cf62e1134474e3d5edceb76
Size: 1 MB
First Published: 2017-05-25 08:02:19 (7 years ago)
Latest Published: 2019-09-07 13:28:12 (5 years ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2019-09-07 13:28:12 (5 years ago)

Overview

Signed By: H-BIT d.o.o.
Status: Valid

Common Places:

%commonappdata%\windows
%sysdrive%\nicehashminer_v1.7.3.2
%commonappdata%
%sysdrive%\программы\nicehashminer_v1.7.5.131\nicehashminer_v1.7.4.5\nicehashminer_v1.7.4.5
%sysdrive%\программы\nicehashminer_v1.7.5.131\nicehashminer_v1.7.5.13
%profile%\downloads\nicehashminer_v1.7.3.4
%temp%\nhm
%desktop%\hash_kings\bin
%profile%\downloads\nicehashminer_v1.7.3.3\nicehashminer_v1.7.3.3
%desktop%\nicehashminer_v1.7.4.4

File Names:

svchot.exe
svchost.exe.exe
cpuminer_opt_AVX2_AES.exe
winlog.exe
msdc.exe
winlog.txt.exe

Geography:

48.5%
15.2%
9.1%
6.1%
6.1%
6.1%
3.0%
3.0%
3.0%

OS Version:

Windows 10 51.5%
Windows 7 27.3%
Windows Server 2012 R2 12.1%
Windows 8.1 6.1%
Windows Server 2008 R2 3.0%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000000400000
Entry Address: 0x000014d0

PE Sections:

Name Size of data MD5
.text 1143296 6e26e16d7f63be112951f5937b8d60f3
.data 6144 0d7269926dd3cba64432867b72fc673a
.rdata 328704 781234c5a207f8d22ccdae84e4a4c918
.pdata 14848 6a10525da3ef0ad218886fa5abb24a02
.xdata 16896 90e39eb3c89fbffe6b475b2ab982ddb7
.bss 0 00000000000000000000000000000000
.idata 15360 0fe081fa7098e6e9fbbf5aa47968a9cb
.CRT 512 70c222748f732f64607df59085ca89c5
.tls 512 6cc3fc62139be69bd1919dee65c318cb

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for svchost.exe.exe
copyright for information about svchost.exe.exe