new_folder.exe is a virus which infects computer through autorun.inf (to disable autorun.inf, click
here) in removable drive. It will disable your task manager, folder option, command prompt and even your anti-virus. When you start any program which contain the words related to antivirus, it will terminate the programs. Thus, antivirus or any famous anti-spyware also cannot remove it completely. However, we can clean it manually by following the procedures:
- Download a-squared HiJackFree , install it and rename its executable file (a2HiJackFree.exe) to other name which is not related to antivirus, such as dfskjhfds743 so that it will not be terminated immediately after running.
- Run the renamed executable file. It may be terminated by the virus. Thus, you should rerun it a few times until you can kill the virus's process.
- Use it to kill the following processes:
compmgmt.exe, system.exe, debug_32.exe, dmadmin_1.exe and new_folder.exe
(how? click here.)
- Repeat step 2 and step 3 until you successfully kill the processes.
- Enable your command prompt, task manager, folder options, registry editor etc with RRT or download the tool created by me here. You may need to enable them a few times as the worm will disable them automatically.
- Delete compmgmt.exe, system.exe, debug_32.exe, dmadmin_1.exe and new_folder.exe in command prompt. (How to enter command prompt? click here.) In command prompt, type:
cd\ and press enter
del /A /F /S dmadmin_1.exe and press enter
del /A /F /S compmgmt.exe and press enter
del /A /F /S system.exe and press enter
del /A /F /S debug_32.exe and press enter
exit and press enter
- Goto registry editor, remove all keys and values related to compmgmt.exe, system.exe, debug_32.exe, dmadmin_1.exe and new_folder.exe
- Done!
Read also:
new_folder.exe removal guide
1 comment:
Good guidance given.
Invitation letter
Post a Comment