NMIKAA.EXE, NKS.EXE - Trojan? how to remove?

July 7, 2011 at 19:19:47
Specs: Windows XP

Just noticed last night i was getting random websites opening themselves up in IEexplorer while i was using Opera? Did a taskmanager check of the processes running and noticed these 2 unusual ones that aren't normally there:


I've searched the registry and only found a few entries but i think that was just as 'recent' files or as search terms...

But i did find the file with each name in windows sys 32... but only one name was present at a time... deleting didn't help as the file came back as did the process in taskman

Any advice would be appreciated on the exact name of this virus/trojan, and how to remove it? especially as i couldn't find anything on the net about it.


See More: NMIKAA.EXE, NKS.EXE - Trojan? how to remove?

July 7, 2011 at 21:26:01

Try the following:

Please download TDSSKiller

Save it to the Desktop.

Now, double-click* on TDSSKiller.exe to run the program.

Click the 'Start Scan' button.

Do not use the computer during the scan

If the scan completes with nothing found, click Close to exit.

When the scan finishes it displays a Scan results screen stating whether or not an infection was found on your computer.

To remove the infection, click on the Continue button.
If it does not say Cure on the results screen, leave it at the default action of Skip, and press the Continue button.

Do not change to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.

Reboot to finish the cleaning process.

A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller. is created and saved to the root directory (usually Local Disk C:).

>>Please provide the contents of TDSSKiller in your reply.<<

Next, download iExplore.exe, which is a renamed copy of RKill:

[If the file does not download, paste the following, >without the brackets<, in the address bar of your browser:

Save the file to the Desktop, and double-click on it.
Ignore any messages, and allow the file to run until the command window closes.

Without a reboot, download Malwarebytes’ Anti-Malware (black button with green and white icon) Save to the Desktop:

Double-click mbam-setup.exe and follow the prompts to install the program.

Run Malwarfebytes’ AntiMalware and update the program.
Once updated, select Perform Full Scan and click the scan button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the Remove Selected button to get rid of the malware.

When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.

>>Please post the >Malwarebytes log< in your reply.<< so we can see where we are at, and plan any additional removal strategy.<<

Retired - Doin' Dis, Dat, and slapping malware.

Report •
Related Solutions

Ask Question