How To Kill Virus Regsvr, New Folder, Autorun.inf

27 08 2008

Have You experienced something troubled to computer? You harddisk is corrupted by unknown virus till 700 MB. That’s horrible enough, make our computer worse. It may be caused by familiar virus of digital era “regsvr.exe” or new folder.exe.(WORM DELF.FKZ). Dont be worried just relaxed. There is an easy troubleshooting way to handle.

STEPS to kill those viruses:

8) Foreplay Way

1. Search file autorun.inf. Change the condition “read-only” by selecting properties – remove check “read only”.


2. Open file of simple notepad and delete everything and save the file.
3. Next, Change file status, back to “read only” so that the virus could not get access again.😀
4. Autorun INF: cutting the supply line
5. Click START->RUN and Type msconfig, ENTER.
6. Go to startup tab, Find “regsvr” and remove ‘check’ and click OK.
7. Click ‘Exit without Restart’, Because there is one important bussiness to solve.
8. Go to control panel -> scheduled tasks, Delete ‘At1 task’.

8) Lovely Medium Action
1. START -> RUN and type: gpedit.msc and ENTER.
2. Lovely Medium Action: Starting the gepedit or msconfig
4. Move pointer mouse to users configuration->Administrative templates->system
5. Find “prevent access to registry editing tools” Click twice and change option become disable.


6. Opening Group Edit Policies
7. Congratulation!!! You have found registry access again.

8) Hurt Heart Hard
Keep Fighting
1. START->RUN and type: regedit. ENTER
2. Select EDIT-> FIND ‘regsvr.exe’
3. Hurt Heart Hard: registry search
4. Delete All relating regsvr.exe; Remember to get back up before deleting. KEEP IN MIND regsvr32.exe is not to be deleted. Delete regsvr.exe occurrences only, Right!.
5. Maybe you will find it after explorer.exe in theses cases only delete the regsvr.exe part and not the whole part. E.g. Shell = “Explorer.exe regsvr.exe” Jadi just delete the regsvr.exe and leave the explorer.exe

8) Launch Red hat Soldiers
1. START->SEARCH->for files and folders.
2. Type “*.exe” as filename to search for
3. Click ‘when was it modified ‘ option and select the specify date option
5. Type from date as 1/31/2008 and also type To date as 1/31/2008 (Just example)
6. Launch Red Hat Soldiers to seek and destory enemies: the search option
7. Wait for the results.
8. select all the exe files dan shift+delete the files, caution must be taken so that you don’t delete the legitimate exe file that you have installed on 31st January.
9. Select all files that make your computer unresponsive, so deleting those.
10. Find and delete regsvr.exe, svchost.exe ( Let’s have a look at extra space between svchost and regsvr)

8) It’s Time to Celebrate for victory
1. Do a cute reboot and Now you are a virus killer.
2. Wrote while I can not reach mydestination to graduate from college in August, 2008…

Foreplay Way, Lovely Medium Action, Hurt Heart Hard, Launch Red hat Soldiers, It’s Time to Celebrate for victory, Just mywords.
amiworks.

(Indonesian Language)
CARA MENGHANCURKAN VIRUS “new folder.exe” , “regsvr.exe” dan “autorun.inf”

Pernah mengalamikah hal yang mengenaskan di komputer? Kapasitas HDD Komputer yang
dikorupsi ama virus sampe 700 MB. That’s horrible, make our computer worse. Salah satu biang keroknya bisa datang dari virus yang udah lumayan familiar di blantika digital “regsvr.exe”
atau new folder.exe.(WORM DELF.FKZ). Dont be worried just relaxed. ada cara easier menanganinya.

8) Foreplay Way
1. Search file autorun.inf. Change the condition “read-only” by selecting properties – remove check “read only”.
2. Open file of simple notepad yang penampilan kesehariannya sangat sederhana ini dan delete everything and save the file.
3. Next, Ubah file status kembali ke “read only” so that the virus could not get access again.😀
4. Autorun INF: cutting the supply line
5. Klick START->RUN dan ketik msconfig, ENTER.
6. Go to startup tab, Cari “regsvr” dan buang tanda ‘check’ and click OK.
7. Klik ‘Exit without Restart’, Karena masih ada yang harus diselesaikan antara Kamu, Aku, Dia dan virus.
8. Silahkan menuju control panel -> scheduled tasks, Hapus ‘At1 task’.

8) Lovely Medium Action
1. Pilih START -> RUN dan ketik: gpedit.msc dan ENTER.
2. Lovely Medium Action: Starting the gepedit or msconfig
4. Tujukan pointer mouse ke users configuration->Administrative templates->system
5. Cari “prevent access to registry editing tools” klik 2x and ubah optionnya menjadi disable.(gambar2)
6. Opening Group Edit Policies
7. Congratulation!!! Kamu dah nemuin akses registry seperti sediakala.

8) Hurt Heart Hard😀
Keep Fighting
1. START->RUN and type: regedit. ENTER
2. Pilih EDIT->FIND Dan cari biang keroknya ‘regsvr.exe’
3. Hurt Heart Hard: registry search
4. Delete Semua yang berbau regsvr.exe; Ingat jangan lupa membackupnya sebelum didelete. KEEP IN MIND regsvr32.exe is not to be deleted. Delete regsvr.exe occurrences only, Right!.
5. Pada satu atau 2 tempat, you will find it after explorer.exe in theses cases only delete the regsvr.exe part and not the whole part. E.g. Shell = “Explorer.exe regsvr.exe” Jadi just delete the regsvr.exe and leave the explorer.exe

8) Launch Red hat Soldiers
1. START->SEARCH->for files and folders.
2. Type “*.exe” as filename to search for
3. kLIK ‘when was it modified ‘ option Dan select the specify date option
5. Type from date as 1/31/2008 and also type To date as 1/31/2008 (Just example)
6. Launch Red Hat Soldiers to seek and destory enemies: the search option
7. Sekarang tunggu hasilnya keluar semua.
8. select all the exe files dan shift+delete the files, caution must be taken so that you don’t delete the legitimate exe file that you have installed on 31st January.
9. Pilih file-file yang buat computer kamu unresponsive jadi delete aja semuanya.
10. Cari and delet regsvr.exe, svchost.exe ( Coba perhatikan extra space antara svchost and regsvr)

8) It’s Time to Celebrate for victory
1. Lakukan a cute reboot yang maniez and Now you are a virus killer.
2. Ditulis saat diri ini gak bisa ngejar wisuda bulan agustus 2008…Stressss

Foreplay Way, Lovely Medium Action, Hurt Heart Hard, Launch Red hat Soldiers, It’s Time to Celebrate for victory, Cuman kiasan gue aja.


Actions

Information

19 responses

19 09 2008
roshan

it is very nice for a good debugger

20 09 2008
raju

veru excellent metho to delete tjis virus

21 09 2008
ardiansyahputra

@ Dear roshan and raju
Thanks for visiting, How about India?

19 11 2008
zaw zaw han

hi,nice to friend with you.pls advertise to me ,how to kill new folder.exe and chrome.exe .pls reply to me sir.
regards
zaw zaw han

21 11 2008
ardiansyahputra

@ Dear zaw zaw han
Ya, glad to make a friendship with You

28 11 2008
yellowcrab

i have some problem with an autorun virus written by myanmar boys.
i tried with your way .not success.can you help me. please mail me to yellowcrab@gmail.com
thanks a lot to you.

7 12 2008
kalyan

hi
I am having a problem with my laptop infected with autorun.inf and newfolder virus .It is having the fallowing problems
1.taskmanager is closing when we are deleting the effected process
2.system is closing suddenly
3.command prompt is closing just in a span of time.
please tell me a clear solution with use of any software…………..
thanking you

15 12 2008
Rajinder

I got all the process but only thing troubling that i m not able to find the autorun.inf

if anyboby let me know it will be great

and plz e-mai me……….

16 12 2008
ardiansyahputra

Wellcome all.Try more!

15 01 2009
yo

he is giving a very big thing to do i’ll give u the simple formula tht is

@echo on
taskkill /im explorer.exe /f
taskkill /im w½Å±¾.exe
start reg add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\EXplorer\Advanced /v ShowSuperHidden /t REG_DWORD /d 1 /f
start reg import kill.reg
del c:\autorun.* /f /q /as
del %SYSTEMROOT%\system32\autorun.* /f /q /as
del d:\autorun.* /f /q /as
del e:\autorun.* /f /q /as
del f:\autorun.* /f /q /as
del g:\autorun.* /f /q /as
del h:\autorun.* /f /q /as
del i:\autorun.* /f /q /as
del j:\autorun.* /f /q /as
del k:\autorun.* /f /q /as
del l:\autorun.* /f /q /as
start explorer.exe

Just copy/paste the above code in a notepad and save it giving any filename with the extension .bat (Example kill_autorun.bat)

and run the file.. your problem will be solved..

3 03 2009
Alexwebmaster

Hello webmaster
I would like to share with you a link to your site
write me here preonrelt@mail.ru

5 03 2009
matew..

hi… i have a form to kill shell322.exe , autorun inf recycler any many variants…only write to mi msn… is that i am from colombia and my english is not very good

5 03 2009
matew..

my msn is amateo1987@hotmail.com i only want help you… to kill those ugly virus

7 03 2009
santosh

i have some problem with an autorun virus written by myanmar boys.
i tried with your way .not success.can you help me. please mail me to sanadi77@gmail.com
thanks a lot to you.

20 03 2009
robanwoods

saya dapat serangan virus2 yang meng execute autorun.inf dan mencipatakan file2 exe dan cmd di hrd drive, and meng dis able show hidden files, please help me bro
here are the related goddamn virus:

[AutoRun]
;wlsoLkr3SJa
open=gyn.cmd
;oowOkAn793l4SLk2Zk7iLaddlo3sdqi
shell\open\Command=gyn.cmd

yh.cmd
gyn.cmd

gw dah coba cara rename autorun seperti yang anda bilang, tapi tetap tidak terusir dari pc saya

thanks in advance

god loves ya

7 04 2009
Sami Ullah

interesting Solution

5 05 2009
Down_China

I have this new folder and reg virus once I plugged in my pen drive to the PC.
Will the above mention steps will be able to kill the virus?
when I play video the subtitle are coming in numbers and special character. Is tis because of the new folder virus?

26 08 2009
charles

Thanks very much but what about if it attacks a pendrive?

24 11 2009
Naga Raju Barri

Hi all,
I have developed a Software that automatically looks after the system and removes the autorun.inf file, if exists, when a pendrive is inserted. And also, at every startup, it a program runs and will look after the registry for any known entries are made to the run key. If so, it deletes the file regarding the key and also the entry to the registry. Please check this once at: http://naga-barri.blogspot.com/2009/11/systemcleanerforwindows.html
I think you will enjoy this project. Based on your comments, I will further enhance it to have a better performance.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: