NewFolder.exe is one of the most irritating virus that you will ever come across. It mainly infects through thePen Drive and once it does, it will create exe files resembling the name of all your folders. If your folder has name “docs”, it will create the file ‘Docs.exe’ and similar files for all your folders. In the worst case, it can even disable your task manger, Folder Options, RegEdit etc.
It will have names like NewFolder.exe or regsvr.exe. Luckily, its removal tools are available . Download it from here. I tried the download tool and it was successfully able to remove the NewFolder.exe virus from my computer and even the USB drive. After you download the ComboFix.exe, run it in safe mode. Some antivirus may detect the removal tool as a virus but it is perfectly safe. ComboFix will run for around 5-10 minutes, it will also create a restore point and might restart the computer if needed. Keep your USB drive connected to Computer if that is also infected. After ComboFix has finished executing, you will see the list of files, it has removed. In most cases, the virus should be gone from the PC along with the USB drive.
1. Delete the Autorun.inf and other suspicious exe files from your pen drive using the other post available here in our blog.
2. Open Windows Task Scheduler or go to Control Panel –>Scheduled tasks and remove any suspicious task
3. Click on Start –> run and type –> ‘msconfig’. In the startup tab, find entries like “NewFolder.exe” or “regsvr.exe” and uncheck them.
4. Open Task Manager. In the processes tab, delete any process with the name of NewFolder.exe or regsvr.exe
5. Open Registry by typing ‘Regedit’ in the Run command box. Please take a backup of the registry before proceeding. Now search for “regsvr.exe” and “Newfolder.exe” . If you find any entries, delete them. Please delete the entries having the exact name as “regsvr.exe” and not anything else. If that is appended with other entries, delete its occurrence only and not the whole thing.
6. Restart the Computer
I hope this solves your problem.
Source: whoismadhur
Tuesday, May 12, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment