How to Remove New Folder.exe Virus Manually
[01:23 | 0 comments ]

Re-Share This Post: Technorati Digg This Stumble Stumble Facebook Twitter
New Folder.exe , The real name of this virus is Iddono. This threat copies its file(s) to your hard disk. Its typical file name is Iddono. Then it creates new startup key with name Iddono and value newfolder.exe. You can also find it in your processes list with name newfolder.exe or Iddono. This virus is very difficult to eliminate manually, but you can find several possible methods of removal below.

1st Method To remove New Folder.exe Virus Manually

  1. Search and delete the Autorun.inf
  2. Open Windows Task Scheduler or go to Control Panel > Scheduled tasks and remove any suspicious task
  3. Click on Start > run
  4. Now type here ‘msconfig’ and enter.
  5. In the startup tab, find entries like NewFolder.exe or regsvr.exe and uncheck them.
  6. Open Task Manager. In the processes tab, delete any process with the name of NewFolder.exe or regsvr.exe
  7. 5. Open Registry by typing ‘Regedit’ in the Run command box.
  8. Please take a backup of the registry before proceeding.
  9. Now search for regsvr.exe and Newfolder.exe. If you find any entries, delete them.
  10. Now simply delete the entries in the registryhaving the exact name as regsvr.exe. If that is appended with other entries, delete its occurrence only and not the whole thing.
  11. Restart the Computer

2nd Method to Delete New folder.exe

Use Windows File Search Tool to Find newfolder.exe Path
  1. Go to Start > Search > All Files or Folders.
  2. In the "All or part of the the file name" section, type in "newfolder.exe" file name(s).
  3. To get better results, select "Look in: Local Hard Drives" or "Look in: My Computer" and then click "Search" button.
  4. When Windows finishes your search, hover over the "In Folder" of "newfolder.exe", highlight the file and copy/paste the path into the address bar. Save the file's path on your clipboard because you'll need the file path to delete newfolder.exe in the following manual removal steps.
  5. Use Windows Task Manager to Remove newfolder.exe Processes
  6. To open the Windows Task Manager, use the combination of CTRL+ALT+DEL or CTRL+SHIFT+ESC.
  7. Click on the "Image Name" button to search for "newfolder.exe" process by name.
  8. Select the "newfolder.exe" process and click on the "End Process" button to kill it.
Detect and Delete Other newfolder.exe Files
  • To open the Windows Command Prompt, go to Start > Run > cmd and then press the "OK" button.
  • Type in "dir /A name_of_the_folder" (for example, C:Spyware-folder), which will display the folder's content even the hidden files.
  • To change directory, type in "cd name_of_the_folder".
  • Once you have the file you're looking for type in del "name_of_the_file".
  • To delete a file in folder, type in "del name_of_the_file".
  • To delete the entire folder, type in "rmdir /S name_of_the_folder".
  • Select the "newfolder.exe" process and click on the "End Process" button to kill it.

Third Procedure to Remove New Folder.exe virus manually

  1. Search for autorun.inf file. It is a read only file. Selecting the properties of file(s) and un-check the read only option.
  2. Open the file in notepad and delete everything and save the file.
  3. Now reverse the Step 1, change the file status back to read only mode so that the virus could not get access again.
  4. Click start->run and type msconfig and click ok
  5. Go to startup tab look for regsvr and uncheck the option click OK.
  6. Click on Exit without Restart.
  7. Go to control panel -> scheduled tasks, and delete the At1 task listed their.
  8. Click on start -> run and type gpedit.msc and click Ok.
  9. Go to users configuration->Administrative templates->system
  10. Find prevent access to registry editing tools and change the option to disable.
  11. Once you do this you have registry access back.
  12. Click on start->run and type regedit and click ok
  13. Go to edit->find and start the search for regsvr.exe,
  14. Delete all the occurrence of regsvr.exe; remember to take a backup before deleting. KEEP IN MIND regsvr32.exe is not to be deleted. Only Delete regsvr.exe occurrences.
  15. At one or two places you will find it after explorer.exe in theses cases only delete the regsvr.exe part and not the whole part. E.g. Shell = Explorer.exe regsvr.exe the just delete the regsvr.exe and leave the explorer.exe
  16. Click on start->search->for files and folders.
  17. There click all files and folders
  18. Type *.exe as filename to search for
  19. Click on ‘when was it modified ‘ option and select the specify date option
  20. Type from date as current also type To date as current date
  21. Now ckick search and wait for all the exe’s to be shown in the search window.
  22. Once Search is completed select all the exe files and shift+delete the files,
  23. Also selecting lot of files together might make your computer unresponsive so delete them in small groups.
  24. Also find and delete regsvr.exe, svchost .exe (notice an extra space between the svchost and .exe)
  25. Now reboot your system and we are done

0 comments

Post a Comment

 
http://www.tsfaenterprise.com TSFA ENTERPRISE TSFA GAS OVEN AND HOME APPLIANCE IN PAKISTAN GAS OVEN GAS OVEN in pakistan Pakistan Home Appliance http://gasovenandhomeappliancesinpakistan.com/ TSFA ENTERPRISE TSFA GAS OVEN AND HOME APPLIANCE IN PAKISTAN GAS OVEN GAS OVEN in pakistan Pakistan Home Appliance