How To remove New Folder virus

Have you ever noticed some strange files or folders in your USB drive or computer that you did not create? Do you find it difficult to open your Task Manager, Registry Editor, or Folder Options? If yes, then you might be infected by the new folder virus, also known as Newfolder.exe. This is a type of Trojan malware that can cause various problems for your system, such as stealing your data, installing more viruses, and allowing hackers to access your PC. In this article, we will explain what the new folder virus is, how it spreads, and how you can remove it from your PC using manual or automatic methods. We will also give you some tips on how to prevent this virus from infecting your PC again. So, let us begin.

What is Newfolder.exe?

The real name of this virus is Iddono. This threat copies its file(s) to your hard disk. Its typical file name is Iddono. Then it Creates new startup key with name Iddono and value newfolder.exe. You can also find it in your processes list with name newfolder.exe or Iddono. This virus is very difficult to eliminate manually, but you can find several possible methods of removal below.




How to fix Newfolder.exe?

Quick Solutions 

Most of the current date anti-virus solutions can detect Newfolder virus and remove the newfolder virus easily. 
  • Consider subscribing to a Paid Anti Virus Solution like Kaspersky, Mcafee 
  • Turn on Windows Defender (Available on Windows 10/11) - which is free 
  • Update/Upgrade Your Operating System
  • Format and Re-install your Operating system (Ex: C Drive) - Recommended

How to fix Newfolder.exe manually?

This problem can be solved manually by deleting all registry keys and files connected with this software, removing it from startup list and unregistering all corresponding DLLs. Additionally missing DLL's should be restored from distribution in case they are corrupted by Iddono. To fix this threat, you should perform all the following operations

 Before performing the below operation you need to complete few extra steps as explained below

Delete the Following Files 

  • C:\WINDOWS\SCVVHSOT.exe
  • C:\WINDOWS\SCVHSOT.exe
  • C:\WINDOWS\hinhem.scr
  • C:\WINDOWS\system32\SCVHSOT.exe
  • C:\WINDOWS\system32\blastclnnn.exe
  • C:\WINDOWS\system32\autorun.ini
  • C:\Documents and Settings\All Users\Documents\SCVHSOT.exe

Kill the below Processes


- This can be done easily by entering the below commands in command prompt.
- To Open command Prompt, search for cmd.exe in windows search or hit "WIN + R", then type cmd.exe as shown below 

- Now, enter all the following commands in "Command Prompt (cmd.exe)"  as shown below. you can copy past all the commands into cmd.exe as once to remove newfolder.exe virus
taskkill /f /t /im 'New Folder.exe'
taskkill /f /t /im 'SCVVHSOT.exe'
taskkill /f /t /im 'SCVHSOT.exe'
taskkill /f /t /im 'scvhosts.exe'
taskkill /f /t /im 'hinhem.scr'
taskkill /f /t /im 'blastclnnn.exe'

Deleting Virus Files


- We Need to manually search and delete the below mentioned files 
·         libedit.dll
·         newfolder.exe
·         shelliddono.dll
·         srv0104.ids
·         srvidd20.exe


How To Delete These Files?


Search for the following files in Local disk C:/Windows, you can find them and it can be deleted easily, incase if you are not able to delete them, restart your system and by pressing Function key (F1-F12 it changes with system to system, so I am not mentioning it) you can shift into Safe Mode and repeat deletion. If you are unable to find the above mentioned files, final Option is to delete the registry entries

Deleting Registry keys


  • Open Registry editor by typing "WIN + R" command, then type 'regedit' as shown below and hit "OK"

  • Registry Editor should open, on the top of the registry editor, you need to copy paste 'Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run' or browse to this path and delete the registry values - alchem, nwiz.exe, zzb 
  • To Delete the registry value, all you need to do is right click on the entry and hit delete. 
  • Once you delete alchem, nwiz.exe, zzb values, restart your operating system and it should be free from newfolder.exe virus. So, that's how you remove newfolder.exe virus.

By following these steps carefully, you can attempt manual removal of the Iddono virus from your computer. However, for a quick and effective solution, we recommend using antivirus software like True Sword.



Conclusion


Removing the Iddono virus (Newfolder.exe) from your computer is crucial for your system's security. Whether you choose the quick solution by formatting your operating system or the manual removal process, make sure to act promptly to safeguard your data and privacy.

Bhanu Namikaze

Bhanu Namikaze is an Ethical Hacker, Security Analyst, Blogger, Web Developer and a Mechanical Engineer. He Enjoys writing articles, Blogging, Debugging Errors and Capture the Flags. Enjoy Learning; There is Nothing Like Absolute Defeat - Try and try until you Succeed.

No comments:

Post a Comment