ntdetect.exe - Dangerous

We suggest you to remove NTDETECT.exe from your computer as soon as possible.
NTDETECT.exe is W32.Yahack.A.
W32.Yahack.A is a worm that spreads through mapped drives. It logs keystrokes, gathers system information, and steals Yahoo! Messenger passwords.
Related files:
%CurrentFolder%\autorun.inf
%System%\UpDateWinc.exe
%System%\UpDateWind.exe
%Windir%\LogBoy.log
%SystemDrive%\a1.exe
%SystemDrive%\pass1.txt
%SystemDrive%\tem.exe
%SystemDrive%\temp1.bat
%DriveLetter%\NTDETECT.exe

Saya baru jumpa trojan nih dalam laptop seorang kastemer. Pada mulanya macam susah juga nak buang mangkuk hayun nih. Delete je dia masuk balik. Kena cari dia punya main file. So, saya cuba cara manual ini :

1. Pertama sekali saya kill process "UpDateWinc.exe" dalam Task Manager.
2. Lepas tu Delete file Ntdetect.com dalam c:\
3. Kemudian cari file UpDateWinc.exe dan UpDateWind.exe dalam folder system32 dan delete.
4. Bukan msconfig dan buangkan file
UpDateWinc.exe dari senarai startup.
5. Buka fail regedit, dan cari file Ntdetect.exe,
UpDateWinc.exe, dan buangkan ia dari senarai.

Setakat ini cara manual diatas dapat membantu membuang trojan tersebut.


Read more: http://www.symantec.com/business/securit...

 

1 comments:

  1. Good SIte is good thanx for sharring

    on September 27, 2008 at 4:41 PM