How to remove new folder.exe/regsvr.exe or autorum.inf Virus?
The new folder.exe/regsvr.exe or autorum.inf virus is one of the most common viruses. In this article, I will explain to you what are the steps to remove new folder.exe/regsvr.exe or autorum.inf virus from your computer.
Basic Affects of virus on computer system
Virus is of many types that causes problem in your computer system such that it slows down the speed of system by blocking various processes which is required for the optimized performance of the system. It not only replicates itself using the host computer but also disables the task manager, disables registry editor settings, changes windows startup settings, creation of exe files in shared folders, disable folder option modes and utilize the resources of CPU at faster rate because viruses are meant for slowing down the speed of your system.How Virus works in your host machine?
There are so many dangerous viruses in the market but out of them I have seen one in my friend personal computer which is very dangerous among them and known with the name of replication virus which produces the copy of itself when the user executes it such that sucking the space of the hard disk at faster rate and creates copy of itself every time you click on the execution file. If Any folder that is infected from this virus residue in current directory then it will copy itself in the sub directory also, when you double click on it then same sort of data are there in the sub directory as well. In this way, it will suck space of your hard disk. In case it will not stop at right time then it will suck whole space of your hard disk. Moreover, this virus is known as new folder.exe/regsvr.exe or autorum.inf virus because it creates duplicate copy of data with the name of new folder.exe.Source of the new folder.exe copy virus
This virus is copy folder virus that sucks your hard disk space at rapid rate and copy the folder within sub folders and main source of it is pen drive and any external storage medium through the help of which you have shared or transferred data. Instead of this, it is also there in the internet world from where it comes in your computer system from downloaded stuff or from infected links on which you have clicked. Therefore, before making any click on the unknown link, you must first verify whether you are using updated anti-virus software or else check the certificate of the page from where you are downloaded your software's, the hackers and crackers make use of the binders that will bind this new folder.exe virus with the downloaded software and games and finally affects your computer system.How to remove new Folder.exe virus from computer system?
In order to prevent the eating up of your hard disk space, make use of the updated anti-virus software in your system that will avoids the entering of this virus in your system and once it is entered in your system then most of the updated anti-virus will not capable to remove it system because it denied all the editing rights. So, it is better to go for the manual settings within the system that will remove registry of virus from there and also helps the user to know how virus affects the system registry settings and what are the new privileges rights that it got after entering into the system. Therefore, I am providing the manuals steps for removal of new folder.exe virus from computer system which is given below-Remove the attachment of New Folder.exe virus from system
In most of the cases, there is a file with the name of autorum.inf file that sets the privilege status as read only file which does not allow user to make manual editing in it and you have to first remove the privilege rights from system by right clicking on the new folder. Exe and then select the properties option from there and finally un-check the read only option there in the dialog box.
After that open the same file in notepad and delete all coding there in the notepad and finally save the file with same sort of extension without changing the original extension of file and then save the status of file as read only file so that further editing rights can be prevented.
Click on the start -> run and type the msconfig there and then press enter key then new windows will appear and after that go the startup tab for search of the file regsvr then uncheck it and then click on OK.
After that click on the exit option before restarting your windows because we have to proceed through the other steps too and finally go the control panel then click on scheduled tasks and finally delete the At1 task from there then close the windows after click on OK.Opening the path and prevent further registry access
Once you have removed attachment of virus then you have to open the path for the virus registry where you have prevented further access of file such that click on the start -> run and then type gpedit.msc and then click on OK.
Finalized window that appears will be shown below-
Once you have open window that is indicated above then click on the user configuration -> administrative -> system and then a new window will appear where you will find so many entries and out of them look for prevent access to registry editing tools and then click on the disable option which will provide you registry access back.Attack the file manually using registry access
In order to attack the file, you have to go to registry settings after click on start -> run and then type regedit.exe there and click on OK then it will open a window with 5 main classes and there you have to go to edit option and start searching for regsvr.exe.
Once you have found that regsvr.exe file then delete the occurrence of regsvr.exe file.Final attack on virus and file associated with it
In order to make final attack on the newfolder.exe virus, you have to click on the start -> search and then click on the files and folders which is there on the left side of the search menu and then type the *exe within the file name text box and then click on the search option then it will display you list of executable files with extension( .exe) and then refine your search by clicking on the “modified with respect to date" option that will provide you only the files that is modified with respect to time and date. You have specified the date on which virus has entered in your system and then again hit for search option.
Once you have click on the search option then you will provided with selected executable files that are updated or modified within the date and time limit specified by you and leave the file with name of legitimate.exe and delete the rest of files one by one so that files and folders that are infected from virus will be deleted and make sure that regsvr.exe, svchost.exe should be deleted from there.Virus deleted but still requires few modification settings
Once you have configured settings for virus removal then you have to reboot the system and then all the virus privileges settings are removed from your system then you have to install the updated anti-virus that will easily detect the infected files and folders and you can enjoy the safe drive for your system.
Hi,
Great job sir, its very helpful for all of us, and the way you have explained is quit understable. Very good articles as it explains the big problems as well as solution which we are facing generally.
Regards,
jeevan