Interested to Buy Any Domain ? << Click Here >> for more details...
Urgent reply plz donot have time to serch on google plz
reply
the questions is how to remove newfolder.exe virus from my
windows 2003 server
i have all ready tried quick heal.spy hunter mcafee server .
plz reply
- 1 Answers
- 4250 Views
- I also Faced
- E-Mail Answers
Answer / murthyrajuch
I want to tell you a story, two days back i got affected by
this virus very badly as it eat up all my empty hard disk
space of around 700 MB .
I was surprised that my most reliable friend Avast, for the
first time failed me in this war against viruses but then
again avg and bitdiffender also failed against it. This
virus is know popularly as regsvr.exe virus, or as new
folder.exe virus and most people identify this one by
seeing autorun.inf file on their pen drives, But trend
micro identified it as WORM_DELF.FKZ. It is spreading
mostly using pen drives as the medium.
Well, so here is the story of how i was able to kill the
monster and reclaim my hard disk space.
Manual Process of removal
I prefer manual process simply because it gives me option
to learn new things in the process.
So let’s start the process off reclaiming the turf that
virus took over from us.
Cut The Supply Line
Search for autorun.inf file. It is a read only file so you
will have to change it to normal by right clicking the
file , selecting the properties and un-check the read only
option
Open the file in notepad and delete everything and save the
file.
Now change the file status back to read only mode so that
the virus could not get access again.
Click start->run and type msconfig and click ok
Go to startup tab look for regsvr and uncheck the option
click OK.
Click on Exit without Restart, cause there are still few
things we need to do before we can restart the PC.
Now go to control panel -> scheduled tasks, and delete the
At1 task listed their.
Open The Gates Of Castle
Click on start -> run and type gpedit.msc and click Ok.
If you are Windows XP Home Edition user you might not have
gpedit.msc in that case download and install it from
Windows XP Home Edition: gpedit.msc and then follow these
steps.
Go to users configuration->Administrative templates->system
Find “prevent access to registry editing tools” and change
the option to disable.
Once you do this you have registry access back.
Launch The Attack At Heart Of Castle
Click on start->run and type regedit and click ok
Go to edit->find and start the search for regsvr.exe,
Delete all the occurrence of regsvr.exe; remember to take a
backup before deleting. KEEP IN MIND regsvr32.exe is not to
be deleted. Delete regsvr.exe occurrences only.
At one ore two places you will find it after explorer.exe
in theses cases only delete the regsvr.exe part and not the
whole part. E.g. Shell = “Explorer.exe regsvr.exe” the just
delete the regsvr.exe and leave the explorer.exe
Seek And Destroy the enemy soldiers, no one should be left
behind
Click on start->search->for files and folders.
Their click all files and folders
Type “*.exe” as filename to search for
Click on ‘when was it modified ‘ option and select the
specify date option
Type from date as 1/31/2003 and also type To date as
1/31/2003
Now hit search and wait for all the exe’s to show up.
Once search is over select all the exe files and
shift+delete the files, caution must be taken so that you
don’t delete the legitimate exe file that you have
installed on 28st January.
Also selecting lot of files together might make your
computer unresponsive so delete them in small bunches.
Also find and delete regsvr.exe, svchost .exe( notice an
extra space between the svchost and .exe)
Time For Celebrations
Now do a cold reboot (ie press the reboot button instead)
and you are done.
I hope this information helps you win your own battle
against this virus. Soon all antivirus programs will be
able to automatically detect and clean this virus. Also i
hope Avast finds a way to solve this issues.
As a side note i have found a little back dog( winpatrol )
that used to work perfectly on my old system. It was not
their in my new PC, I have installed it again , as I want
to stay ahead by forever closing the supply line of these
virus. You can download it form Winpatrol website.
UPDATE : Avast Boot Time Scheduling
Check out How to stop regedit, task manager and msconfig
from closing automatically if your regedit or msconfig
closes automatically.
| Is This Answer Correct ? | 0 Yes | 0 No |
What is a characteristic of Store and Forward switches? A.) They work at wire speed. B.) They are the same as Cut-Through switching in 'prune' mode. C.) They forward based on transport layer info. D.) They forward the frame before it is completely read. E.) They increase latency.
When using RIP, routing updates are broadcast every ____ seconds. A. 30 B. 10 C. 60 D. 90
What is ccna?
Which type of switching is considered to be 'wire speed?' A.) Cut-Through B.) Multiplexed C.) Inverted D.) Layer 4 E.) Store and Forward F.) Layer 3
what the exact definition of Ethernet.plz reply as soon soon as possible
Which protocol will let neighbor routers know if your internetwork experienced congestion on a serial port? A.) BootP B.) IP C.) ICMP D.) ARP E.) FTP F.) RARP
srry for inconvnce ..here is complete qs...ignore the previous 1 3 router configured with RIP & Ripv2 rotuer 1- connected with router 2 having sr ip 10.0.1.2 routing : ripv2 E0:192.168.1.10 router 2: connected with router 1 and router 3 having sr 0 ip 10.0.1.3 & sr 1 ip 11.0.1.2 routing :rip & ripv2 E0=192.168.10.2 router 3: connected with router 2 having sr ip 11.0.1.3 routing: rip E0=172.16.10.2 is there communication possible?
When we use interface mode?
Novell NetWare has an Ethernet frame type called Ethernet_II. What is the matching Cisco command line keyword for this encapsulation method? A.) dix B.) sap C.) arpa D.) gns E.) snap F.) novell-ether
HI friends mine one of the friends have ask a good question i also donot know the answer so i am putting here Please poet the answer no matter it is wright or wrong put yours view here The question is like that when we are going to configure ospf then there are three way 1st way router ospf 10 netwrok 192.168.1.0 0.0.0.255 area 0 network 192.168.2.0 0.0.0.255 area 0 the 2nd way is like that router ospf 10 netwrok 192.168.0.0 0.0.255.255 area 0 but he inrodused the thrird way like router ospf 10 netwrok 192.168.00000001.0 < ?.?.?.?>area 0 router ospf 10 netwrok 192.168.00000010 <?.?.?.?>area 0 now problem is that what should i put the mask in this way so i puted ? sign Please solve this problem i think this is good one plz donot see for answer please contribute any thing i am reqesting Than you Jitendera kuamr sinha
You can access three forms of WAN services with Cisco routers. Select the three forms: A. Switched or relayed services B. Interface front end to IBM enterprise data center computers C. Using protocols that connect peer-to-peer devices like HDLC or PPP encapsulation. D. IPX/SPX E. NetBEUI
Name the command we give for see routing table?
CCNA 
