What is Newfolder dot exe?
The real name of this virus is Iddono. This threat copies its file(s) to your hard disk. Its typical file name is Iddono. Then it creates new startup key with name Iddono and value newfolder dot exe. You can also find it in your processes list with name newfolder dot exe or Iddono.This virus is very difficult to eliminate manually, but you can find solution for removal below.
Manual Solution:
Step1:
1. Search for autorun.inf file. It is a read only file so you will have to change it to normal by right clicking the file , selecting the properties and un-check the read only option
2. Open the file in notepad and delete everything and save the file.
3. Now change the file status back to read only mode so that the virus could not get access again.
4. Autorun
5. Click start->run and type msconfig and click ok
6. Go to startup tab look for regsvr and uncheck the option click OK.
7. Click on Exit without Restart, cause there are still few things we need to do before we can restart the PC.
8. Now go to control panel -> scheduled tasks, and delete the At1 task listed there.
Step2:
1. Click on start -> run and type gpedit.msc and click Ok.
2.
3. If you are Windows XP Home Edition user you might not have gpedit.msc in that case download and install it from Windows XP Home Edition: gpedit.msc and then follow these steps.
4. Go to users configuration->Administrative templates->system
5. Find “prevent access to registry editing tools” and change the option to disable.
6. Opening the gate of castle: Group Edit Policies
7. Once you do this you have registry access back.
Step3:
1. Click on start->run and type regedit and click ok
2. Go to edit->find and start the search for regsvr dot exe,
3. Launch the attack in the heart of castle: registry search
4. Delete all the occurrence of regsvr dot exe; remember to take a backup before deleting. KEEP IN MIND regsvr32 dot exe is not to be deleted. Delete regsvr dot exe occurrences only.
1. Click on start->search->for files and folders.
2. Their click all files and folders
3. Type “* dot exe” as filename to search for
4. Click on ‘when was it modified ‘ option and select the specify date option
5. Type from date as 1/31/2008 and also type To date as 1/31/2008
6. Seek and destory enemy soldiers: the search option
7. Now hit search and wait for all the exe’s to show up.
8. Once search is over select all the exe files and shift+delete the files, caution must be taken so that you don’t delete the legitimate exe file that you have installed on 31st January.
9. Also selecting lot of files together might make your computer unresponsive so delete them in small bunches.
10. Also find and delete regsvr dot exe, svchost dot exe( notice an extra space between the svchost and dot exe)
How To Remove Newfolder dot exe Virus?
12:27 PM
3 comments
Subscribe to:
Post Comments (Atom)
3 comments:
Nice post man !!
I know, this is going to help many !!
Thanks for posting your knowledge here... :)
thanks yogesh sir ji...but i am fan of your shayri,poem..really your all content is nice.i not i my all friend used to read your post and enjoy
Thanks ajeet,
I didn't know that. :)
Well, aapke comments nahi dekhe bahut apne blog par...kya aap silent reader hain? May be shayad maine note na kiya ho, please batayein..
aur haan, ek aur baat...
Aapko us virus ke baare me pata hai, jisme har window new window me khulti hai...Like if you open C drive, it'll open in new window..and every subsequent window will again open in new window..
If you have the solution to this problem/virus, please let us know.
If possible please mail the link of the solution to
To : yogesh249@gmail.com
CC : sushil_next@gmail.com
Hope to hear from u soon.
Post a Comment