Win32.Nethief

Win32.Nethief is a RAT or Remote Administration Tool.  This is a method employed by hackers to enter your machine surreptitiously and then take control of it remotely.  You may have been infected with Win32.Nethief through an e-mail or by possibly through a Print and File Sharing program.

This nuisance will connect with a server and comes compressed with ASPack.  Infection of this sort puts you in direct contact with a hacker whose only intent is to harvest information from your personal files.  Written in Visual C++, Win32.Nethief will run on most Windows operating systems.

AKA:
Backdoor.Win32.Nethief.o
Backdoor.Nethief
Backdoor.Win32.Nethief
BackDoor-TW
BackDoor.Nethief
Troj/Bdoor-TW
Backdoor:Win32/Nethief
BKDR_NETHIEF.F
BDS/Nethief
Win32:Trojan-gen.
BackDoor.Nethief
Backdoor.Nethief
Win32/Nethief

Related Files:
nethief.exe
nethief.ini
readme.txt
server.bud.
-492215193.exe
6636ece4.exe
backdoor.nethief.c.exe

Category:
RAT

Recommended Action:
Remove at once.

To attempt manual removal, you must kill this processe:

nethief.exe

Remove these registry values:

HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciesexplorerrun, internet explorer=

HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun, internet explorer=IEXPLORE.exe=

HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun, internet explorer=IExplorer.exe=

Followed by deleting these files:

nethief.exe, nethief.ini, readme.txt, server.bud.

For comprehensive and faster removal of spyware, there is ZookaWare PC Cleaner.  ZookaWare PC Cleaner offers fast and complete removal of all spyware.  In fact, ZookaWare PC Cleaner’s guarantee is like no other in the industry.  With unparalleled service and a sterling reputation, ZookaWare PC Cleaner will exceed all of your expectations.

Download Free Scan
ZookaWare runs on Windows Vista, 7, 8 and 10. It has no ads, popups or bundled software and fully uninstalls by clicking Start > All Programs > select ZookaWare and click Uninstall.

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php