If you’re using the Operating System called Windows, chances are that you might have already come across the ntdetec1.exe virus. Or you will, sooner or later.
Its official name is W32.Ceted and it is a worm that copies itself to all shared and removable drives and spreads when the user double clicks on it to open it. If a system is infected, it creates a folder called ntdetec1 in your System Drive which is NOT visible via Explorer or Command prompt.
Related files:
ntdetec1ntdetec1.exe
ntdetec1cmrss.exe
ntdetec1run.exe
ntdetec1shell32.exe
ntdetec1drivelist.txt
ntdetec1childautorun.inf
ntdetec1childntdetec1.exe
Symptoms:
1. Task Manager closes as soon as it launches.
2. RegEdit may be inaccesible
3. Folder Options may be inaccessible
When I scanned using some anti-virus software, Nod32, Symantec AV Corporate, McAfee and AVG failed to detect the files, even in Safe Mode.
To remove it, run the following commands at the command prompt:
taskkill /im cmrss.exe
taskkill /im ntdetec1.exe
taskkill /im shell32.exe
Now, make sure you are in the root drive of your system. For example, if your Windows in installed in C:, make sure your prompt shows C:>
Now, run the command..
attrib ntdetec1 -s -h -r /s /d
(s->system,h->hidden,r->read only)
This will make the folder visible in explorer. Now you can Shift+Delete the folder from explorer.
Also, you might need to delete the following registry key (if it is present)
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionpoliciesExplorer Run"winlogon" = "C:ntdetec1run.exe"
Congratulations, this will remove all known traces of the above worm.
And remember, next time you use someone’s PD, before you access it, goto your command prompt and delete the autorun.inf file if any
Incoming search terms for the article:
- ntdetec1 exe,remove shell32 exe,how to remove ntdetec1 on windows xp,cache:8b7j3z9QrFMJ:etricks in/2008/03/11-ways-to-make-ur-comp-faster html Ext2Fsd vista takes ages,remove ntdetec1 from computer virus,ntdetec1,how to remove recycler symantec,how to REMOVE ntdetec1 exe system exe,how do i change language translation code in exe,removing recycler using command prompt
Related posts:
- How to remove recycler.exe virus from Pen Drive
- [How to]Remove Drivemonitor.exe flashguard.exe driveguard.exe
- [HOW TO]Remove AMVO.EXE virus
- How to remove new folder.exe virus from pendrive
- [HOW TO]Remove virus Hacked by GodZilla
- How To Remove W32.sillyFDC Virus|W32.sillyFDC Virus removal
- [HOW TO] Remove win32.zafi.b Virus/Adware
- How to remove programs not listed in “Add/Remove Programs”
- Detect and remove autorun.inf from Pen Drive
- Folder option not working ???See this…
thanks for the info….. it was awesome!!!
hey thanks for the help
was really effective
thanks a ton!!!
Hi! I was surfing and found your blog post… nice! I love your blog.
Cheers! Sandra. R.
Doesnt work on vista though man