
Remove REGSVR.EXE and newfolder.exe viruses permanently


Whenever you start your system, it takes too long to start, and you are left waiting and waiting for the system to get back to normal.


First of all, you need to stop unwanted startup programs. To do that, open Run,
then type msconfig and hit Enter. Now select the Startup tab and uncheck everything except a few Microsoft and Intel files.

Plug a pendrive into a public computer and you will be pestered by the continuously replicating “New Folder.exe” virus or the “regsvr.exe” virus. Here is my story: while I transferred my notes last night (around 600 folders), I was surprised to see that around 450 MB of space had been eaten by these self-replicating space eaters! I was running Linux, so these were not a concern for me, but when I plugged my pendrive into my virtual machine (Windows XP SP3), it caused multiple problems, including Explorer corruption and disabled registry tools.

Step 1 - Some Startup Repairs
First of all, boot into safe mode. After you get to your desktop, press F3 or Ctrl + F, search for the “autorun.inf” file on your computer and delete all the subsequent files. In case you are not able to delete them, select all the files and uncheck the “Read Only” option. If you are still not able to delete them, you might want to try the Unlocker tool to delete the files.
Now go to
Start –> Run –> type “msconfig”
and press Enter.
Go to the Startup tab and uncheck “regsvr”, click OK and then click on “Exit without restart”.
Now go to
Control Panel –> Scheduled Tasks and delete the “At1” task listed there.
Once done, close all windows.

Step 2 - Changing Configurations
Your registry editor might be disabled, and you need to enable it again to undo all the malicious changes made by the worm. In order to do that, go to
Start –> Run –> type “gpedit.msc”
and press Enter,
then navigate to
User Configuration –> Administrative Templates –> System
Find “Prevent access to registry editing tools”, double-click it and change the option to Disabled.

Once done, your Regedit will be enabled. In case your task manager is disabled, you need to enable it.

Step 3 - Registry Edits
Now we have to perform some registry edits to restore Explorer and to remove all instances of the worm from the registry. Go to
Start –> Run –> type “regedit”
and press Enter.
Click on Edit –> Find and search for regsvr.exe. Find and delete all the occurrences of the regsvr.exe virus (don't delete regsvr32.exe, as it's not a virus).
Then navigate to the entry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
and modify the entry
Shell = “Explorer.exe regsvr.exe”

to delete regsvr.exe from it, so that it becomes
Shell = “Explorer.exe”
Once done, close all windows and get ready to delete all virus files.
