Home - Computer Software problems - AVmon.exe – Dangerous if in your task manager …….

AVmon.exe – Dangerous if in your task manager …….

May 9, 2008

Press control+alt+del

If AVmon.exe found in your task manager then read below :

AVmon.exe Dangerous if in your task manager

avmon.exe AVmon.exe is a mass-mailing worm W32.Kedebe@mm.
AVmon.exe tries to terminate antiviral programs installed on a user computer.
AVmon.exe spreads by e-mail and via open network shares.
Related files:
Adds the value:
“Windows Console Monitor” = “%System%\[path to the worm]”
“load” = “%Userprofile%\LOCALS~1\Applic~1\MICROS~1\Windows\[path to the worm]”
to the Windows startup registry keys.

  • AVMON.EXE has been seen to perform the following behaviors
  • Adds a Registry Key (RUN) to auto start Programs on system start up

Source : http://www.greatis.com/appdata/d/a/avmon.exe.htm
AVMON.EXE has been the subject of the following behavior(s)

  • Added as a Registry auto start to load Program on Boot up
  • Created as a new Background Service on the machine
  • AVMON.EXE can also use the following file names
    1. 73416031.SVD
    2. 88515326.EXE

Source: http://www.prevx.com/filenames/1239396392144221666-0/AVMON.EXE.html


Infection through USB PEN DRIVES, autorun drives, email


  • Use run>>regedit and delete run process of avmon.exe try using find command and type AVmon.exe
  • Connect your hardisk to any other operating system other than windows
  • Delete all root drive autorun.inf from your hardisk
  • Reboot your system do not open any drive and download any root kit removal tool scan with your antivirus and root kit removal tool such as RegRun
  • Delete 88515326.EXE,73416031.SVD, avmon.exe using search option

You can try the above process at your own risk.

if Windows folder options missing

Folder Options Is Missing

  • Click Start
  • Click Run
  • Type
  • When the Registry Edit windows open scroll down to the following key
  • In the right pane look for “NoFolderOptions
  • Make sure the “NoFolderOptions” is set to 0
  • If there is “NoFolderOption” click Edit on the toolbar
  • Click New
  • Click DWORD Value
  • Name it “NoFolderOption” (without the quotes)
  • The value should be set to 0 if not double click on the “NoFolderOption” and a window will open, type in 0
  • When double cilcked on the drive “open with” window is opening ? Also try