Solved! Use BSVVSM.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

BSVVSM.EXE – Backdoor Nitol removal

File MD5 Virus Alias
BSVVSM.EXE a04c19266288629286da851002248ef8 Backdoor Nitol
BSVVSM.EXE a04c19266288629286da851002248ef8 Trojan SuspiciousFile
BSVVSM.EXE a04c19266288629286da851002248ef8 Trojan Artemis
BSVVSM.EXE a04c19266288629286da851002248ef8 Trojan Eldorado
BSVVSM.EXE a04c19266288629286da851002248ef8 Trojan Downloader
BSVVSM.EXE a04c19266288629286da851002248ef8 Trojan DNAScan

BSVVSM.EXE size: 49664 bytes
BSVVSM.EXE hash: A04C19266288629286DA851002248EF8

Created files:

%SysDir%\bsvvsm.exe
%SysDir%\gei33.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\netscvre\Type: 10000000
HKLM\System\CurrentControlSet\Services\netscvre\Start: 02000000
HKLM\System\CurrentControlSet\Services\netscvre\DisplayName: NT LM Security Support Providers
HKLM\System\CurrentControlSet\Services\netscvre\ImagePath: %WinDir%\System32\bsvvsm.exe
HKLM\System\CurrentControlSet\Services\netscvre\Description: NT LM Security Support Providers

Detected by UnHackMe:

BSVVSM.EXE
Default location: %SYSDIR%\BSVVSM.EXE

Dropper information:
MD5: a04c19266288629286da851002248ef8
File size: 49664 bytes

Leave a Reply