Subscribe
This Trojan launches a proxy server on the victim machine.
The svchosts.exe process launches an HTTP proxy server on TCP port 3128. The svchostc.exe process will, in turn, launch a SOCKS5 proxy server on TCP port 1080.
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
- Use Task Manager to terminate the Trojan processes, which are
likely to have the following names:
svchosts.exe svchostc.exe
- Delete the original Trojan files (the location will depend on how the program originally penetrated the victim machine).
- Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).
This Trojan launches a proxy server on the victim machine without the user's knowledge or consent. This makes it possible for a remote malicious user to appear as though his actions are being carried out on the infected machine.
The Trojan is a Windows PE EXE file. It is written in C . It has the following components: svchostñ.exe – 19,456 bytes in size; svchosts.exe – 25,088 bytes in size.
Payload
Hot Articles