How to Remove New Win32 Virus

Techwalla may earn compensation through affiliate links in this story. Learn more about our affiliate and product review process here.
New Win32 can steal your financial information.

New Win32, also known as Trojan.Win32.Agent.crhz, is a Trojan downloader virus. This means that once it infects your computer, New Win32 may download additional Trojans and viruses. In addition, New Win32 may collect your personal information and communicate it to a remote hacker, slow your computer, change your Internet and desktop settings, and cause your computer to crash. The best way to remove New Win32 is to run your antivirus program. However, the virus can also be removed manually by following the steps below.

Advertisement

End Processes

Video of the Day

Step 1

Press "Ctrl-Alt-Delete."

Video of the Day

Step 2

Click on the "Task Manager," then click on the "Processes" tab.

Advertisement

Step 3

End the following processes. To end a process, right-click on it and select "End Process."

"Windir\INETINFO.exe" "Windir\messenger\messenger.exe"

Delete Registry Values

Step 1

Hold down the Windows key and press "R" (or click "Start" and then "Run"). A dialog box opens.

Advertisement

Step 2

Type "regedit" (without the quotation marks) into the box and click "OK." The Registry Editor opens.

Step 3

Locate the following registry values in the left pane of the Registry Editor and delete them. To delete a registry value, right-click on it and select "Delete."

Advertisement

"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]" "[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETRA\0000\Control]" "[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETRA\0000]" "[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETRA]" "[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netra\Enum]" "[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netra\Security]" "[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netra]" "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETRA\000\Control]" "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETRA\0000]" "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETRA]" "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netra\Enum]" "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netra\Security]" "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netra]" "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]" "[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent]" "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]"

Advertisement

Advertisement

Delete DLL Files

Step 1

Hold down the Windows key and press "R" (or click "Start" and then "Run"). A dialog box opens.

Step 2

Type "cmd" (without the quotation marks) into the box and click "OK." The Command Prompt opens.

Advertisement

Step 3

Type "regsvr32 /u licxnoc" (without the quotation marks) at the Command Prompt and press "Enter."

Step 4

Type "regsvr32 /u temp" (without the quotation marks) and press "Enter."

Advertisement

Delete Files

Step 1

Click "Start."

Step 2

Click on the "Search Programs and Files" box.

Advertisement

Step 3

Search for and delete the following files. To delete a file, right-click on it and select "Delete."

"System\Setup\licxnoc.dll" "Windir\inf\pp3.inf" "ProgramFiles\Windows NT\fsdd.log" "Windir\INETINFO.exe" "Windir\messenger\messenger.exe" "System\temp.dll"

Advertisement

Advertisement

references

Report an Issue

screenshot of the current page

Screenshot loading...