Skip to main content

How To Remove Newfolder.exe Virus?

What is Newfolder.exe?

The real name of this virus is Iddono. This threat copies its file(s) to your hard disk. Its typical file name is Iddono. Then it creates new startup key with name Iddono and value newfolder.exe. You can also find it in your processes list with name newfolder.exe or Iddono.This virus is very difficult to eliminate manually, but you can find solution for removal below.

For Auto Scan Click This

Manual Solution:

Step1:
1. Search for autorun.inf file. It is a read only file so you will have to change it to normal by right clicking the file , selecting the properties and un-check the read only option
2. Open the file in notepad and delete everything and save the file.
3. Now change the file status back to read only mode so that the virus could not get access again.
4. Autorun
5. Click start->run and type msconfig and click ok
6. Go to startup tab look for regsvr and uncheck the option click OK.
7. Click on Exit without Restart, cause there are still few things we need to do before we can restart the PC.
8. Now go to control panel -> scheduled tasks, and delete the At1 task listed there.

Step2:
1. Click on start -> run and type gpedit.msc and click Ok.
2.
3. If you are Windows XP Home Edition user you might not have gpedit.msc in that case download and install it from Windows XP Home Edition: gpedit.msc and then follow these steps.
4. Go to users configuration->Administrative templates->system
5. Find “prevent access to registry editing tools” and change the option to disable.
6. Opening the gate of castle: Group Edit Policies
7. Once you do this you have registry access back.

Step3:
1. Click on start->run and type regedit and click ok
2. Go to edit->find and start the search for regsvr.exe,
3. Launch the attack in the heart of castle: registry search
4. Delete all the occurrence of regsvr.exe; remember to take a backup before deleting. KEEP IN MIND regsvr32.exe is not to be deleted. Delete regsvr.exe occurrences only.
5. At one ore two places you will find it after explorer.exe in theses cases only delete the regsvr.exe part and not the whole part. E.g. Shell = “Explorer.exe regsvr.exe” the just delete the regsvr.exe and leave the explorer.exe

Step4:
1. Click on start->search->for files and folders.
2. Their click all files and folders
3. Type “*.exe” as filename to search for
4. Click on ‘when was it modified ‘ option and select the specify date option
5. Type from date as 1/31/2008 and also type To date as 1/31/2008
6. Seek and destory enemy soldiers: the search option
7. Now hit search and wait for all the exe’s to show up.
8. Once search is over select all the exe files and shift+delete the files, caution must be taken so that you don’t delete the legitimate exe file that you have installed on 31st January.
9. Also selecting lot of files together might make your computer unresponsive so delete them in small bunches.
10. Also find and delete regsvr.exe, svchost .exe( notice an extra space between the svchost and .exe)

Step5:
1. Now do a cold reboot (ie press the reboot button instead) and you are done.
Labels:

Comments

Post a Comment

Popular posts from this blog

APPLICATIONS OF NON LINEAR FIBRE OPTICS

3 comments
Read more

MECHANICAL PROJECTS DOWNLOADS

Robotics Projects How to build a Robot Robot Basics Solar Energy Projects Solar Energy (pdf) Solar Energy Scien ce Projects Solar Solar2 Solar Compressor Solar Power Air Compresso r Uses of Solar Power Air Compressor Hovercraft Hovercraft definition by wiki : click h ere It would be awesome if you designed a hover car based on the hover board designs. How to Build my Own hovercraft? What is hovercraft? Vaccum cleaner powered , Large simple HoverCraft How do I build my flying hovercraft (pdf) Make your own Hovercraft Build a riding Hovercraft Helpful Videos Helpful links : Vaccum cleaner powered , Large simple HoverCraft How do I build my flying hovercraft (pdf) Make your own Hovercraft Build a riding Hovercraft Stirling Engine Stirling engine definition by wiki : click here Frequently Asked Question : Q1.How can Stirling engine generate electric Po wer? Ans1.A Stirling engine generates mechanical torque directly from heat through the operation of the Stirling cycle on a worki...
2 comments
Read more

Where does the World's greatest Brand names came from ?

Adobe - came from name of the river Adobe Creek that ran behind thehouse of founder John Warnock. Apache - It got its name because its founders got started by applying patchesto code written for NCSA's httpd daemon. The result was 'A PAtCHy'server -- thus, the name Apache Apple Computers - favorite fruit of founder Steve Jobs. He was three monthslate in filing a name for the business, and he threatened to call his company AppleComputers if the other colleagues didn't suggest a better name by 5 o'clock. CISCO - its not an acronym but the short for San Francisco. Google - the name started as a jokey boast about the amount of informationthe search-engine would be able to search. It was originally named 'Googol',a word for the number represented by 1 followed by 100 zeros. After founders,Stanford grad students Sergey Brin and Larry Page presented their project toan angel investor, they received a cheque made out to 'Google' Hotmail - F...
Post a Comment
Read more