How to scan USB drive, and Disable the Autoplay feature of USB drives.

May 23rd, 2008 admin Posted in Computer Software problems, Tips and Tricks, Virus and Trojan 2 Comments »

Virus and spyware spreads by creating a copy of itself and starts by autorun.inf files. It is essential to remove the autorun.inf files not only from computers but also from the source i.e. USB Drive, RW- CD Roms, RW-DVD.

Disable the Autorun/Autoplay feature of USB drives.

Download a small tool which can perform such a function is Tweak UI. Download it from here install it.

Then plug your USB drive, scan with good antivirus, antispyware.

PC WORLD ANTI VIRUS COMPARISON

Antivirus software
1

BitDefender 9 Standard

• Performance: Superior • Ease of Use: Very Good • Features: Very Good • Price when ranked: $30 • Vendor’s Website


Pending
2

McAfee VirusScan 2006

• Performance: Superior • Ease of Use: Very Good • Features: Very Good • Price when ranked: $40 • Check latest prices


Pending
3

Kaspersky Lab Kaspersky Anti-Virus Personal 5.0

• Performance: Superior • Ease of Use: Good • Features: Good • Price when ranked: $40 • Vendor’s Web Site


Pending
4

F-Secure Anti-Virus 2006

• Performance: Superior • Ease of Use: Good • Features: Good • Price when ranked: $40 • Check latest prices


Pending
5

Symantec Norton AntiVirus 2006

• Performance: Good • Ease of Use: Very Good • Features: Very Good • Price when ranked: $40 • Check latest prices


Pending
6

Panda Software Panda Titanium 2006 Antivirus + Antispyware

• Performance: Very Good • Ease of Use: Good • Features: Very Good • Price when ranked: $50 • Check latest prices


Pending
renderYsmAds(3,0);
7

AntiVir Personal Edition Classic 6.32

• Performance: Good • Ease of Use: Good • Features: Fair • Price when ranked: Free • Vendor’s Website


Pending
8

Alwil Software Avast Home Edition 4.6

• Performance: Fair • Ease of Use: Very Good • Features: Good • Price when ranked: Free • Vendor’s Website


Pending
9

Trend Micro PC-cillin Internet Security Security 2006

• Performance: Fair • Ease of Use: Superior • Features: Good • Price when ranked: $50 • Check latest prices


Pending
10

Grisoft AVG Free Edition 7.1

• Performance: Fair • Ease of Use: Fair • Features: Fair • Price when ranked: Free • Vendor’s Website


Pending

Source : http://www.pcworld.com/article/124475-1/article.html

Bookmarkify Frustration
[Ask] [Bloglines] [BlogMarks] [del.icio.us] [Digg] [diigo] [DotNetKicks] [dzone] [Facebook] [Feed Me Links] [Friendsite] [Furl] [Google] [Jeqq] [Kaboodle] [LinksMarker] [Ma.gnolia] [Mixx] [MySpace] [Reddit] [Slashdot] [Technorati] [Windows Live] [Yahoo!] [Email] More »
Rating 3.00 out of 5
[?]
AddThis Social Bookmark Button

AVmon.exe – Dangerous if in your task manager …….

May 9th, 2008 admin Posted in Computer Software problems, Tips and Tricks, Virus and Trojan No Comments »

Press control+alt+del

If AVmon.exe found in your task manager then read below :

AVmon.exe - Dangerous if in your task manager

avmon.exe AVmon.exe is a mass-mailing worm W32.Kedebe@mm.
AVmon.exe tries to terminate antiviral programs installed on a user computer.
AVmon.exe spreads by e-mail and via open network shares.
Related files:
%System%\winssc32.exe
%System%\mscppdmg.exe
%System%\kernel32hlp.exe
%System%\NAVctrl.exe
%System%\dwrdgr32.exe
%System%\gcasctrl.exe
%System%\AVmon.exe
%System%\winxplt.exe
%System%\gcasAV32.exe
%System%\LUCOMS~2.EXE
%System%\zlbclient.exe
%system%\win32infchkr.exe
Adds the value:
“Windows Console Monitor” = “%System%\[path to the worm]”
“load” = “%Userprofile%\LOCALS~1\Applic~1\MICROS~1\Windows\[path to the worm]”
to the Windows startup registry keys.

  • AVMON.EXE has been seen to perform the following behaviors
  • Adds a Registry Key (RUN) to auto start Programs on system start up

Source : http://www.greatis.com/appdata/d/a/avmon.exe.htm
AVMON.EXE has been the subject of the following behavior(s)

  • Added as a Registry auto start to load Program on Boot up
  • Created as a new Background Service on the machine
  • AVMON.EXE can also use the following file names
    1. 73416031.SVD
    2. 88515326.EXE

Source: http://www.prevx.com/filenames/1239396392144221666-0/AVMON.EXE.html

Infection

Infection through USB PEN DRIVES, autorun drives, email

Removal

  • Use run>>regedit and delete run process of avmon.exe try using find command and type AVmon.exe
  • Connect your hardisk to any other operating system other than windows
  • Delete all root drive autorun.inf from your hardisk
  • Reboot your system do not open any drive and download any root kit removal tool scan with your antivirus and root kit removal tool such as RegRun
  • Delete 88515326.EXE,73416031.SVD, avmon.exe using search option

You can try the above process at your own risk.

if Windows folder options missing

Folder Options Is Missing

  • Click Start
  • Click Run
  • Type
      regedit
  • When the Registry Edit windows open scroll down to the following key
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  • In the right pane look for “NoFolderOptions
  • Make sure the “NoFolderOptions” is set to 0
  • If there is “NoFolderOption” click Edit on the toolbar
  • Click New
  • Click DWORD Value
  • Name it “NoFolderOption” (without the quotes)
  • The value should be set to 0 if not double click on the “NoFolderOption” and a window will open, type in 0
  • When double cilcked on the drive “open with” window is opening ? Also try
Bookmarkify Frustration
[Ask] [Bloglines] [BlogMarks] [del.icio.us] [Digg] [diigo] [DotNetKicks] [dzone] [Facebook] [Feed Me Links] [Friendsite] [Furl] [Google] [Jeqq] [Kaboodle] [LinksMarker] [Ma.gnolia] [Mixx] [MySpace] [Reddit] [Slashdot] [Technorati] [Windows Live] [Yahoo!] [Email] More »
Rating 4.00 out of 5
[?]
AddThis Social Bookmark Button

« Previous Entries
Next Entries »