Win32.Nethief
Win32.Nethief is a RAT or Remote Administration Tool. This is a method employed by hackers to enter your machine surreptitiously and then take control of it remotely. You may have been infected with Win32.Nethief through an e-mail or by possibly through a Print and File Sharing program.
This nuisance will connect with a server and comes compressed with ASPack. Infection of this sort puts you in direct contact with a hacker whose only intent is to harvest information from your personal files. Written in Visual C++, Win32.Nethief will run on most Windows operating systems.
AKA:
Backdoor.Win32.Nethief.o
Backdoor.Nethief
Backdoor.Win32.Nethief
BackDoor-TW
BackDoor.Nethief
Troj/Bdoor-TW
Backdoor:Win32/Nethief
BKDR_NETHIEF.F
BDS/Nethief
Win32:Trojan-gen.
BackDoor.Nethief
Backdoor.Nethief
Win32/Nethief
Related Files:
nethief.exe
nethief.ini
readme.txt
server.bud.
-492215193.exe
6636ece4.exe
backdoor.nethief.c.exe
Category:
RAT
Recommended Action:
Remove at once.
To attempt manual removal, you must kill this processe:
nethief.exe
Remove these registry values:
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciesexplorerrun, internet explorer=
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun, internet explorer=IEXPLORE.exe=
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun, internet explorer=IExplorer.exe=
Followed by deleting these files:
nethief.exe, nethief.ini, readme.txt, server.bud.
For comprehensive and faster removal of spyware, there is SpyZooka. SpyZooka offers fast and complete removal of all spyware. In fact, SpyZooka’s guarantee is like no other in the industry. With unparalleled service and a sterling reputation, SpyZooka will exceed all of your expectations.