LSPVOU.EXE – Backdoor Nitol


LSPVOU.EXE – Backdoor Nitol removal

File        MD5                               Virus Alias
LSPVOU.EXE  1c5ff68d8d5bacf2524969da10883415  Backdoor Nitol
LSPVOU.EXE  1c5ff68d8d5bacf2524969da10883415  Trojan XPACK
LSPVOU.EXE  1c5ff68d8d5bacf2524969da10883415  Trojan Generic
LSPVOU.EXE  1c5ff68d8d5bacf2524969da10883415  Trojan Eldorado
LSPVOU.EXE  1c5ff68d8d5bacf2524969da10883415  Trojan Graftor
LSPVOU.EXE  1c5ff68d8d5bacf2524969da10883415  Trojan Jorik

LSPVOU.EXE size: 34304 bytes
LSPVOU.EXE hash: 1C5FF68D8D5BACF2524969DA10883415

Created files:

%SysDir%\gei33.dll
%SysDir%\lspvou.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\2SDASDASDASD\Type: 10000000
HKLM\System\CurrentControlSet\Services\2SDASDASDASD\Start: 02000000
HKLM\System\CurrentControlSet\Services\2SDASDASDASD\DisplayName: ASP.NET State S12ervices
HKLM\System\CurrentControlSet\Services\2SDASDASDASD\ImagePath: %WinDir%\System32\lspvou.exe
HKLM\System\CurrentControlSet\Services\2SDASDASDASD\Description: Pro212123234vides support for out-of-to-process

Detected by UnHackMe:

LSPVOU.EXE
Default location: %SYSDIR%\LSPVOU.EXE

Dropper information:
MD5: 77774d76e724ae9017bac8609947899c
File size: 47104 bytes
