Interested to Buy Any Domain ? << Click Here >> for more details...
Urgent reply plz donot have time to serch on google plz
reply
the questions is how to remove newfolder.exe virus from my
windows 2003 server
i have all ready tried quick heal.spy hunter mcafee server .
plz reply
- 1 Answers
- 4332 Views
- I also Faced
- E-Mail Answers
Answer / murthyrajuch
I want to tell you a story, two days back i got affected by
this virus very badly as it eat up all my empty hard disk
space of around 700 MB .
I was surprised that my most reliable friend Avast, for the
first time failed me in this war against viruses but then
again avg and bitdiffender also failed against it. This
virus is know popularly as regsvr.exe virus, or as new
folder.exe virus and most people identify this one by
seeing autorun.inf file on their pen drives, But trend
micro identified it as WORM_DELF.FKZ. It is spreading
mostly using pen drives as the medium.
Well, so here is the story of how i was able to kill the
monster and reclaim my hard disk space.
Manual Process of removal
I prefer manual process simply because it gives me option
to learn new things in the process.
So let’s start the process off reclaiming the turf that
virus took over from us.
Cut The Supply Line
Search for autorun.inf file. It is a read only file so you
will have to change it to normal by right clicking the
file , selecting the properties and un-check the read only
option
Open the file in notepad and delete everything and save the
file.
Now change the file status back to read only mode so that
the virus could not get access again.
Click start->run and type msconfig and click ok
Go to startup tab look for regsvr and uncheck the option
click OK.
Click on Exit without Restart, cause there are still few
things we need to do before we can restart the PC.
Now go to control panel -> scheduled tasks, and delete the
At1 task listed their.
Open The Gates Of Castle
Click on start -> run and type gpedit.msc and click Ok.
If you are Windows XP Home Edition user you might not have
gpedit.msc in that case download and install it from
Windows XP Home Edition: gpedit.msc and then follow these
steps.
Go to users configuration->Administrative templates->system
Find “prevent access to registry editing tools” and change
the option to disable.
Once you do this you have registry access back.
Launch The Attack At Heart Of Castle
Click on start->run and type regedit and click ok
Go to edit->find and start the search for regsvr.exe,
Delete all the occurrence of regsvr.exe; remember to take a
backup before deleting. KEEP IN MIND regsvr32.exe is not to
be deleted. Delete regsvr.exe occurrences only.
At one ore two places you will find it after explorer.exe
in theses cases only delete the regsvr.exe part and not the
whole part. E.g. Shell = “Explorer.exe regsvr.exe” the just
delete the regsvr.exe and leave the explorer.exe
Seek And Destroy the enemy soldiers, no one should be left
behind
Click on start->search->for files and folders.
Their click all files and folders
Type “*.exe” as filename to search for
Click on ‘when was it modified ‘ option and select the
specify date option
Type from date as 1/31/2003 and also type To date as
1/31/2003
Now hit search and wait for all the exe’s to show up.
Once search is over select all the exe files and
shift+delete the files, caution must be taken so that you
don’t delete the legitimate exe file that you have
installed on 28st January.
Also selecting lot of files together might make your
computer unresponsive so delete them in small bunches.
Also find and delete regsvr.exe, svchost .exe( notice an
extra space between the svchost and .exe)
Time For Celebrations
Now do a cold reboot (ie press the reboot button instead)
and you are done.
I hope this information helps you win your own battle
against this virus. Soon all antivirus programs will be
able to automatically detect and clean this virus. Also i
hope Avast finds a way to solve this issues.
As a side note i have found a little back dog( winpatrol )
that used to work perfectly on my old system. It was not
their in my new PC, I have installed it again , as I want
to stay ahead by forever closing the supply line of these
virus. You can download it form Winpatrol website.
UPDATE : Avast Boot Time Scheduling
Check out How to stop regedit, task manager and msconfig
from closing automatically if your regedit or msconfig
closes automatically.
| Is This Answer Correct ? | 0 Yes | 0 No |
On an ISDN BRI interface, the control channel is the 'D' channel. What is the rate of this channel? A.) 64 Kbps B.) 1.544 Mbps C.) 128 Kbps D.) 2.048 Mbps E.) 16 Kbps
Which of these is the Private key? A. Bear B. Cave C. Indian D. Cowboy
In Novell's use of RIP, there are two metrics used to make routing decisions. Select the two metrics. A. Ticks. B. Hops C. Loops D. Counts
Identify the IPX standard access-list number range? A.) 600 - 699 B.) 1000 - 1099 C.) 1 - 99 D.) 100 - 199 E.) 800 - 899
Which layer of the 7 layer model is responsible for representing the application information between 2 different OS's? For example, converting ASCII to EBCIDIC. A.) Transport B.) Application C.) Physical D.) Session E.) Presentation F.) Network
ccna syallabus and what is the mean by troubble shooting
What do we check while configuring the server?
What cable called v.35?
Identify the command to display all the valid commands at the given mode? A.) Help all B.) Help C.) All commands D.) ?
How does a switch use store and forward? A.) By using a Class I repeater in a collision domain B.) The LAN switch copies the entire frame into its onboard buffers and then looks up the destination address in its forwarding, or switching, table and determines the outgoing interface C.) By using broadcast addresses as source addresses D.) The switch waits only for the header to be received before it checks the destination address and starts forwarding the packets
Suppose we have 4 switches runing in VTP mode. So when i create a VLAN in Server Switch this VLAN info reflect in all other switch. So question is - A) Suppose i m practicing this scenario in BOSON software, When a create a VLAN in server switch n ADD ports of switch to that VLAN, the same number of ports of client switch also belongs to dat VLAN. For example - In switch A (Server mode), i create a VLAN 7 name Hyderabad & port number 1, 2 & 3 put into this VLAN. Another Switch B (Client mode), its also showing that port number 1,2 & 3 belong the same VLAN. How cud it possible... As we know, VTP share only VLAN configuration information. Cud anyone explain it please....!!!! B)Same thing, when i m practicing in PACKET TRACER 5.0, its only showing that VLAN configuration information is shared. No port information is shared at all. I can manually configure individual switch port to respective VLAN as our wish. Cud anyone explain it please..!!!
UDP works at which layer of the DOD model? A.) Internet B.) Host-to-Host C.) Transport D.) Data Link
CCNA 
