Tuesday, October 19, 2010

Fully Remove The Network Control Malware Trojan

Trojans are a type of malware that enter the user's computer under the pretext of being a useful program only to end up making many harmful changes to the computer. Network Control is one such Trojan that gets downloaded and installed on to user systems from malicious websites which the user makes the mistake of visiting. Once installed, it displays a message stating that a remote administrator named Adam1 changed some system files on Windows. Then, proceeds to warn the user falsely that the firewall has been compromised and that any malware could enter the computer. To overcome this problem, Network Control suggests that the user purchase and install such software as Advanced Net Firewall, Shield EC, Personal Network Protect, IP Blockader and Network Defender which are in fact malicious software that will not help the user in any way. Therefore instead of falling for this trick, you should immediately take steps to remove this malware.

As soon as you find an instance of this malware on your computer, you should take steps to initiate removal. In order to delete it, you need to stop its processes, unregister its DLL files, delete its files and folders and remove its registry entries.

File Removal Procedures

The first step you need to take for full removal is to stop the following processes from executing:

  • nc.exe
  • checker.exe

Next, it is necessary to unregister the following DLL file:

  • tmp.dll

The next step in removal is to delete the following files and folders:

  • C:\NetworkControl\
  • C:\NetworkControl\checker.exe
  • C:\NetworkControl\list
  • C:\NetworkControl\nc.exe
  • C:\NetworkControl\tmp.dll
  • C:\NetworkControl\tpm.dll
  • C:\WINDOWS\Fonts\segoeui.ttf
  • %UserProfile%\Local Settings\Temp\abc
  • %UserProfile%\Local Settings\Temp\i.bat

After these steps have been completed, it no longer resides on your hard disk. While in most cases following the manual removal procedures is sufficient, due to the prevalent nature of NC malicious software it is recommended to scan the entire computer using genuine antivirus software such as Spyware Doctor with Antivirus. In this way, not only that other hidden or yet unknown NC malicious components can be discovered but also other infections, if any, may be revealed and dealt with.

Registry Removal Procedures

The deletion of files and folders alone is not sufficient to completely remove NC. You need to remove the following keys and settings from the Windows Registry for complete the removal:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = "0″
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPostRedirect" = "0″
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "NetworkControl"

Now your computer is safe from this harmful Trojan. For more useful malware removal tips, visit spywareremovalguides.com.