The real name of this virus is Iddono. This threat copies its file(s) to your hard disk. Its typical file name is Iddono. Then it creates new startup key with name Iddono and value newfolder.exe. You can also find it in your processes list with name newfolder.exe or Iddono.

• The Process is packed and/or encrypted using a software packing process
• Found on infected systems and resists interrogation by security products
• Executes a Process
• Registers a Dynamic Link Library File
• This process creates other processes on disk
• Changes the Internet Explorer Home Page Settings
• Looks at the contents of the autoexec.bat file
• Reads email address and phone book details
• Adds products to the system registry
• Modifies Windows Security Policies to restrict/expand User Privileges on the machine
• Disables the built in Windows File Protection System
• This Process Deletes Other Processes From Disk
• Can communicate with other computer systems using HTTP protocols
• Changes of IE options including home page, security tab, colour, font, advanced, menu
• Disables Access to the Windows Registry Editior
• Disables Access to the Task Manager built into Windows
• Adds a Link in the Start Menu

• Added as a Registry auto start to load Program on Boot up
• Deleted as a process from disk
• Executed as a Process
• Created as a process on disk
• Registered as a Dynamic Link Library File
• Has code inserted into its Virtual Memory space by other programs
• Added as a Link in the Start Menu

Below are manual removal instructions for newfolder.exe so you can remove the unwanted file from your PC. Always be sure to back up your PC before you modify anything.

Never double click on such files which look like folders, instead use folder view for navigation. You may like to disable “Shared Documents”.