[HOW TO]Remove NTDETEC1.exe

If you’re using the Operating System called Windows, chances are that you might have already come across the ntdetec1.exe virus. Or you will, sooner or later.

Its official name is W32.Ceted and it is a worm that copies itself to all shared and removable drives and spreads when the user double clicks on it to open it. If a system is infected, it creates a folder called ntdetec1 in your System Drive which is NOT visible via Explorer or Command prompt.

Related files:
\ntdetec1\ntdetec1.exe
\ntdetec1\cmrss.exe
\ntdetec1\run.exe
\ntdetec1\shell32.exe
\ntdetec1\drivelist.txt
\ntdetec1\child\autorun.inf
\ntdetec1\child\ntdetec1.exe

Symptoms:
1. Task Manager closes as soon as it launches.
2. RegEdit may be inaccesible
3. Folder Options may be inaccessible

When I scanned using some anti-virus software, Nod32, Symantec AV Corporate, McAfee and AVG failed to detect the files, even in Safe Mode.

To remove it, run the following commands at the command prompt:

taskkill /im cmrss.exe
taskkill /im ntdetec1.exe
taskkill /im shell32.exe

Now, make sure you are in the root drive of your system. For example, if your Windows in installed in C:, make sure your prompt shows C:\>
Now, run the command..

attrib ntdetec1 -s -h -r /s /d

(s->system,h->hidden,r->read only)

This will make the folder visible in explorer. Now you can Shift+Delete the folder from explorer.

Also, you might need to delete the following registry key (if it is present)

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\ Run\"winlogon" = "C:\ntdetec1\run.exe"

Congratulations, this will remove all known traces of the above worm.

And remember, next time you use someone’s PD, before you access it, goto your command prompt and delete the autorun.inf file if any

Popularity: 5%

Random Posts

• Best Computer Tricks #1
• How to use GPRS for free on Airtel using Opera Mini 5
• [how to] Use mobile as webcam|Mobiola Web Camera 3
• Password protect your PenDrive with USB Safeguard
• Share files easily using HFS
• [How To] Find Torrent files using Google
• [How to]view hidden system files and folders|Unhide hidden virus files
• How to find senders IP address from received mail
• Paintribbon:Get Windows 7 kind of Paint in XP and Vista
• Different ways to shutdown ur pc

[HOW TO]Remove NTDETEC1.exe

Subscribe to COOL COMPUTER TRICKS by Email

Support Us keeping this website online 24*7 Please

Recent Entries

• Firebug for Google Chrome
• Set a Video as Desktop backgorund in Windows 7
• Redesign your Desktop in your own way with BumpTop
• Start multiple applications with single click : Lacuna Launcher
• Lock your private files with Easy File Locker
• Tweak your Ubuntu with Ubuntu tweak 0.5
• Arrange folders according to their size in Windows
• [Get]Microsoft Live SkyDrive – Free 25GB Online File Hosting
• [How To]Easily access and manage Google Bookmarks in Chrome
• Windows 7 troubleshooting tips[ebook][download]

This entry was posted on Friday, March 21st, 2008 at 3:41 am and is filed under computer tricks, pc repair. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.