|
Malware -
Harmful EXE
|
ntos.exe is a name used by virus writers to mimic the legitimate file name ntoskrnl.exe found in windows. At least I am not aware of a legitimate software that is using the name ntos.exe, although there is every possibility that there could be. Recently this name is appearing in different virus analysis reports. The location where it is generally appearing is in the %system% directory.
| Aliases: There are a number of viruses that are using this filename. You can find a list of them on this link
| Delete these Files: These are some of the places where the malicious file could be found
%System%\ntos.exe
%Temp%\nt025c\ntos.exe
%System% is C:\Windows\System (in Windows 95/98/Me), C:\Winnt\System32 (in Windows NT/2000), or C:\Windows\System32 (in Windows XP) %Temp% is the temporary folder. By default, it is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP) | | View Hidden Files: Before you could delete them, you need to search for them, and before doing that you need to enable to view hidden files and folders Click here to read more... | | Boot in safe mode: Sometimes you will not be able to delete a file even if you find it, in that case you should boot in safe mode and then try to delete it/ them. Click here to read more... | | End Process in the Task Manager: If you find the virus processes running in the Task Manager, you can select them one by one and press End process button, that will help you to delete them from the hard disk. Click here to read more... | | Unable to Open Task Manager: If that happens, you can try these free tools to enable the task manager again. Click here to read more... | | Run CCleaner : If you manage to find the viruses and delete them, even then there will be associated entries in the windows registry. If you run a free software called CCleaner, that will help you to automatically clean the registry from the virus entries. Click here to read more... | Delete the registry keys manually: If you are brave enough to do so. You can edit the registry by using the windows built in registry editor. Click here to read more... There are several different viruses, which infect the computer in different ways. Here is a list of the reports. You need to browse through them to find out the one that has infected your computer. And then use that information to identify/ confirm and then to remove the virus. There would be additional files as well as registry keys to be removed, the similarity among them being ntos.exe file. Here is the list of reports Best of Luck , and let me know if i could be of any help. The reference reprinted with permission from Threatexpert |
|
