Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Netuza32 virus, I Can't remove It


  • Please log in to reply
3 replies to this topic

#1 thedemoninside

thedemoninside

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 10 February 2010 - 05:40 PM

So, I went to a random website and got infected with a rootkit, I deleted it safely and rebooted my computer. After the reboot my computer seemed sluggish and in task manager I saw that CPU usage was 100%. I checked out what was causing it and I tracked it down to netuza32.exe. I ran MBAM, quick scan and full scan and it found nothing. I ran an Avast quick scan and it found nothing. I ran a SAS quick scan and it found nothing. My computer usage is still 100%, my computer is still sluggish and I have no idea how to remove it.

BC AdBot (Login to Remove)

 


#2 Paul O

Paul O

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, FL
  • Local time:05:24 PM

Posted 11 February 2010 - 04:51 PM

OK, I just wrestled this problem to the ground. Here is what worked for me and should work for you. (Based upon Win XP)
It will allow you to delete or remove the netuza32.exe trojan.

1) Boot into "Safe Mode" by pressing F8 prior to the Windows boot notification. Select Safe Mode (the top option). You can also select "Command Line"

2) Open up a command line window - Click on "Start" "Run ..." and enter "cmd" into the box

3) At the command prompt type and enter: cd start menu/programs/startup

4) Make sure you are in the correct directory by typing and entering: dir /as
You should see netuza32.exe listed

5) Delete netuza32.exe by typing and entering the following command: del /as /f netuza32.exe
(the /as refers to files with a "system" attribute and /f to force the deletion of read-only files)

6) Reboot your system and you should be good to go



Paul

Edited by Paul O, 11 February 2010 - 04:53 PM.


#3 Paul O

Paul O

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, FL
  • Local time:05:24 PM

Posted 11 February 2010 - 04:59 PM

BTW - Check your "System Restore" settings. I'm not sure how it happened, whether I did it myself, netuza32.exe did it, or the other program I was infected with caused it, but my system restore was turned off by the time everything was said and done.

Just another quick note:
Neither Microsoft Security Essentials did not identify any infection when one clearly existed. Panda's online Activescan seemed to identify a problem but failed to fix it. When I manually uploaded netuza32.exe to Kaspersky they identified it as a trojan.

Edited by Paul O, 11 February 2010 - 05:03 PM.


#4 thedemoninside

thedemoninside
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 11 February 2010 - 07:18 PM

I'm having a couple of problems now. Everytime I reboot windows, the task bar gets frozen and my computer slows down to a crawl. I open up firefox but it freezes also. I try to open My Computer but it never loads. I tried safe mode but a blue screen always pops up. I have no idea what to do.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users