nstrue.exe - Dangerous
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could neither detect nor fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
Allows unauthorized execution of remote commands:
- ntscan: Scans specified computers for weak administrator passwords and copies itself to those computers.
- cdkey: Collects CD keys of many popular games and sends them to the IRC channel.
- sysinfo: Retrieves the infected computer's information, such as CPU speed, memory, and so on.
Copies itself to %System%\nstrue.exe.
Calculates a random IP address for a computer that it will try to infect.
Copies itself to shares that have weak passwords, as:
\\
Schedules a Network Job to run the worm.
Adds the value:
"Pofatch"="nstrue.exe"
to the registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
so that the worm runs every time you start Windows.
Use RegRun Startup Optimizer to remove it from startup.
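A read-only check for the indicators listed above (the "Pofatch" value in the two Run keys, the copy in %System%, and a scheduled job that launches the file), given as an added example that is not part of the original page or of RegRun. It assumes Windows PowerShell 4 or later and only reports what it finds; it changes nothing.

```powershell
# Added example: read-only check for the indicators named on this page.
$valueName = 'Pofatch'        # Run value name from the page
$fileName  = 'nstrue.exe'     # worm file name from the page
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices'
)

$findings = @()

# 1. Autostart values: match on the value name or on data that references the file.
foreach ($key in $runKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }   # RunServices is often absent
    $regKey = Get-Item -LiteralPath $key
    foreach ($name in $regKey.GetValueNames()) {
        $data = [string]$regKey.GetValue($name)
        if ($name -eq $valueName -or $data -like "*$fileName*") {
            $findings += [pscustomobject]@{ Indicator = 'Run value'; Location = $key; Detail = "$name = $data" }
        }
    }
}

# 2. Dropped copy in the system directory (%System% on the page).
$dropPath = Join-Path ([Environment]::SystemDirectory) $fileName
if (Test-Path -LiteralPath $dropPath) {
    $hash = (Get-FileHash -LiteralPath $dropPath -Algorithm SHA256).Hash
    $findings += [pscustomobject]@{ Indicator = 'File'; Location = $dropPath; Detail = "SHA256 $hash" }
}

# 3. Scheduled jobs whose action launches the file (cmdlet exists on Windows 8 / Server 2012 and later).
if (Get-Command Get-ScheduledTask -ErrorAction SilentlyContinue) {
    foreach ($task in Get-ScheduledTask) {
        if ($task.Actions.Execute -like "*$fileName*") {
            $findings += [pscustomobject]@{ Indicator = 'Scheduled task'; Location = $task.TaskPath; Detail = $task.TaskName }
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize -Wrap }
else { Write-Output 'No nstrue.exe indicators found.' }
```

Run it from a 64-bit PowerShell session; a 32-bit session on 64-bit Windows is redirected to the WOW64 views of the system directory and HKLM\SOFTWARE.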