How to remove svchost.exe.update.exe

svchost.exe.update.exe

The module svchost.exe.update.exe has been detected as Trojan.LoadMoney

svchost.exe.update.exe
Remove svchost.exe.update.e

File Details

Product Name:

SvcHost Service Host
MD5: 914887f12705f1ce9d82572c56dc05f8
Size: 2 MB
First Published: 2017-06-08 20:08:05 (7 years ago)
Latest Published: 2021-07-15 20:30:07 (3 years ago)
Status: Trojan.LoadMoney (on last analysis)
Analysis Date: 2021-07-15 20:30:07 (3 years ago)

Overview

Signed By: VIK-TORI
Status: Valid

Common Places:

%windir%\microsoft
%profile%\ладислав\local settings\temp
%localappdata%\temp
%sysdrive%\system volume information\systemrestore\frstaging\windows\microsoft
%windir%
%sysdrive%\windows.old\users\irae\appdata\local
%windir%
%windir%

File Names:

svchost.exe
svchost.exe.update.exe
lWd7LRpcy1LU.exe
RNLrPCb08scB.exe
l1hiKxyOBFh3.exe
lQFyqs7eKL72.exe
rjxxv4WhDVrm.exe
3TttGRKgDQLa.exe
g2aot571elTS.exe
ZKlXbgc9XMwB.exe
hcIyqQ7AseBX.exe
4ugc9n7kyeCj.exe
oNsO7GGbnpXW.exe
HHlPqBCJYfXl.exe

Geography:

25.1%
21.3%
12.9%
6.1%
5.3%
4.2%
2.7%
2.3%
1.9%
1.9%
1.9%
1.1%
1.1%
1.1%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%

OS Version:

Windows 7 46.8%
Windows 10 44.5%
Windows XP 4.6%
Windows 8.1 3.8%
Windows 8 0.4%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00033575

PE Sections:

Name Size of data MD5
.text 293888 42ce475bd4f72b4c6d340af5f02064d0
.rdata 68608 72e2f64648e08d3dec9fe523b220fb34
.data 2157568 aac2741061ce515d10f62179f62dde25
.rsrc 1536 3ddd2d28a5abbfb19fdcfd740649153a
.reloc 28160 ee9ff3af68229d28d000bd6b3eb51eee

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for svchost.exe.update.exe
copyright for information about svchost.exe.update.exe