How to remove new folder exe or regsvr exe or autorun inf virus ...
--------------------------------------------------------------------------------
I want to tell you a story, two days back i got affected by this virus very
badly as it eat up all my empty hard disk space of around 700 MB .
I was surprised that my most reliable friend Avast, for the first time failed
me in this war against viruses but then again avg and bitdiffender also failed
against it. This virus is know popularly as regsvr.exe virus, or as new
folder.exe virus and most people identify this one by seeing autorun.inf file
on their pen drives, But trend micro identified it as WORM_DELF.FKZ. It is
spreading mostly using pen drives as the medium.
Well, so here is the story of how i was able to kill the monster and reclaim my
hard disk space.
Manual Process of removal
I prefer manual process simply because it gives me option to learn new things
in the process.
So let’s start the process off reclaiming the turf that virus took over from
us.
1. Cut The Supply Line
a. Search for autorun.inf file. It is a read only file so you will have to
change it to normal by right clicking the file , selecting the properties and
un-check the read only option
b. Open the file in notepad and delete everything and save the file.
c. Now change the file status back to read only mode so that the virus could
not get access again.
d.
e. Click start->run and type msconfig and click ok
f. Go to startup tab look for regsvr and uncheck the option click OK.
g. Click on Exit without Restart, cause there are still few things we need to
do before we can restart the PC.
h. Now go to control panel -> scheduled tasks, and delete the At1 task
listed their.
2. Open The Gates Of Castle
a. Click on start -> run and type gpedit.msc and click Ok.
b.
c. If you are Windows XP Home Edition user you might not have gpedit.msc in that case download and
install it from Windows XP Home Edition: gpedit.msc and then follow these
steps.
d. Go to users configuration->Administrative templates->system
e. Find “prevent access to registry editing tools” and change the option to disable.
f.
g. Once you do this you have registry access back.
3. Launch The Attack At Heart Of Castle
a. Click on start->run and type regedit and click ok
b. Go to edit->find and start the search for regsvr.exe,
c.
d. Delete all the occurrence of regsvr.exe; remember to take a backup before
deleting. KEEP IN MIND regsvr32.exe is not to be deleted. Delete regsvr.exe
occurrences only.
e. At one ore two places you will find it after explorer.exe in theses cases
only delete the regsvr.exe part and not the whole part. E.g. Shell =
“Explorer.exe regsvr.exe” the just delete the regsvr.exe and leave the
explorer.exe
4. Seek And Destroy the enemy soldiers, no one should be left behind
a. Click on start->search->for files and folders.
b. Their click all files and folders
c. Type “*.exe” as filename to search for
d. Click on ‘when was it modified ‘ option and select the specify date option
e. Type from date as 1/31/2008 and also type To date as 1/31/2008
f.
g. Now hit search and wait for all the exe’s to show up.
h. Once search is over select all the exe files and shift+delete the files,
caution must be taken so that you don’t delete the legitimate exe file that you
have installed on 31st January.
i. Also selecting lot of files together might make your computer unresponsive
so delete them in small bunches.
j. Also find and delete regsvr.exe, svchost .exe( notice an extra space between
the svchost and .exe)
5. Time For Celebrations
1. Now do a cold reboot (ie press the reboot button instead) and you are done.
I hope this information helps you win your own battle against this virus. Soon
all anti virus programs will be able to
automatically detect and clean this virus. Also i hope Avast finds a way to
solve this issues.
As a side note i have found a little back dog( winpatrol ) that used to work
perfectly on my old system. It was not their in my new PC, I have installed it
again , as I want to stay ahead by forever closing the supply line of these
virus. You can download it form Winpatrol website.
Please do reply if it works and u like my Post
E-mail ID KK_KK55@ymail.com
Reset XP and
Vista Login Passwords | 8.3MB
This works 100%. Tested it on DUAL boot (on same
hard drive XP & Vista in different partitions and resetted passwords on
both the operating systems) as well. Fantastic work in seconds. Even activated the
disabled Administrator account on Vista with ease resetted its pass as well.
WORKS JUST AWESOME.
INSTRUCTIONS ON HOW TO USE
To boot from CD:
1. Just burn the ISO on a blank / re-writtable cd
2. boot & follow instructions carefully.
To boot using a USB drive / key: (your target
system needs to support USB boot)
1. (make sure you have win rar or some tool to
extract the ISO files contents) Now right click the ISO and select Extract
option. Copy all files which you extracted onto the USB drive in open / root of
it. NOT IN ANY FOLDER
2. Run the following from a command prompt ( Start
> Run > cmd ) like this:
x:\syslinux.exe -ma x: where x is your USB drive
letter
replace x with some other letter if your USB drive
is on another
drive letter than x:
If it says nothing, it installed the bootloader
correctly.
3. Now make sure you have the USB boot option
selected and on top on the target computer
4. insert this USB in to the system and boot
5. boot menu will appear automatically
6. read the instructions carefully and reset the
passwords
Download Link (Clickable):
http://www.mediafire.com/?yl223ujluiamema
Password:
moviesnhacks
KKMASOOD |
|
$ 1000000 USD |
|
THIS IS NO.1 INDIAN IMAGE |