Your best source of information and news about BIOS, software and vista on the internet

September 20th, 2009

You are currently browsing the articles from MS Windows Vista Compatible Software written on September 20th, 2009.

Manual Removal of W32/Microjoin.GQA Trojan » ntos.exe

Manual Removal of W32/Microjoin.GQA Trojan » 1042v.exe, ntos.exe, odb.exe, svc.exe, lsass.exe, teste1_p.exe, avto.exe, 6_ldr.exe, 4_pinnew.exe, 5_odb.exe, 60325cahp25ca0.exe

W32/Microjoin.GQA is a…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Written by FireFly on September 20th, 2009 with no comments.
Read more articles on lsass.exe and W32/Microjoin.GQA and manual removal and removal of trojan and otherSoftware and Windows.

Remove SaveDefender - Save Defender Removal Information

SaveDefender is another representative of Winisoft family which already has more than 20 “exponents” of rogue applications. As its predecessors, SaveDefender uses backdoor Trojans and misleading online antimalware scanners in order to get into your computer. Once installed, parasite will be configured to start automatically every time you login in Windows. SaveDefender creates numerous files with random names in order to detect infected items. But in reality this files won’t carry any danger to your computer, they are shown to you in order to scare you and push into purchasing licensed version for about a 50$. While running, SaveDefender will bother you with annoying pop-ups, exaggerated scan results and fake security alerts informing that your computer is seriously infected and you must buy full version in order to remove all threats and protect your data and privacy. Last but not least, by using too many system recourses while “working” in background SaveDefender can noticeably slow down your computer. As you see SaveDefender is mostly unwanted application on your computer, we advise you to remove SaveDefender as soon as possible.

Type: Rogue Anti-Spyware
Malware Author: Unknown
Threat Level: Critical
Screenshot:

SaveDefender Automatical Removal Tool

How to remove SaveDefender manually:
It's possible to remove SaveDefender manually, but you have to be very experienced in dealing with registry entries, program files and .dll files.

The files to be deleted:

c:\Documents and Settings\All Users\Desktop\SaveDefender.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\SaveDefender
c:\Documents and Settings\All Users\Start Menu\Programs\SaveDefender\1 SaveDefender.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\SaveDefender\2 Homepage.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\SaveDefender\3 Uninstall.lnk
%Temp%\ri2aqoym.exe
c:\Program Files\SaveDefender Software
c:\Program Files\SaveDefender Software\SaveDefender
c:\Program Files\SaveDefender Software\SaveDefender\SaveDefender.exe
c:\Program Files\SaveDefender Software\SaveDefender\uninstall.exe
c:\WINDOWS\101919py365z.ocx
c:\WINDOWS\10203hack9z5l284.ocx
c:\WINDOWS\10ez5parse20909.bin
c:\WINDOWS\system32\13542spazbot13c9.cpl
c:\WINDOWS\system32\13598viruz5b9.ocx
c:\WINDOWS\system32\14397szambot506.exe


Remove registry entries:

HKEY_CURRENT_USER\Software\SaveDefender
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveDefender
HKEY_LOCAL_MACHINE\SOFTWARE\SaveDefender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SAVEDEFENDERSVC
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SaveDefenderSvc
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ri2aqoym.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SaveDefender"

Please be careful because manual removal of SaveDefender may seriously damage operational system and sensitive data. Also there is a big possibility of incomplete removal, because some files could be hidden and program could re-install itself after you delete files and registry entries. So we strongly recommend you to use automatical removal tool.

Written by admin on September 20th, 2009 with no comments.
Read more articles on rogue antispyware and AntiSpyware and fake warnings and removal tool and keylogger and safeguard and Hijacker and Adware and antivirus and Privacy and malware and trojan and system and otherSoftware and Security.

How to remove autorun virus from USB flash drives


This virus has been widely spread these days and it has become very common that every pen drive we use will be infected by this virus. This Recycler virus / BV:AutoRun-G[Worm] is very annoying one and even formatting the pen drive will not remove the virus. Though antivirus software is able to identify, it cannot remove the virus completely. If you delete this manually, it will again create itself and none of the virus removal tricks could work to resolve the problem.

  • Download Flash Disinfector and save on some non windows drive.
  • Double click on it and it will ask you to insert USB flash drive and click ok. Do so.

Remove usb virus with flash disinfector

  • Clicking on ok will make your desktop go blank, don’t worry, its normal.
  • It will fix the autorun.inf virus and you are done partially. Yes, its a partial solution, it will lock the autorun file and you will see some file created by flash disinfector. If you remove the file, the virus get re activated. May be some future update of our antivirus software’s will have complete fix for this.
Posted in Uncategorized

Written by basil kp on September 20th, 2009 with no comments.
Read more articles on otherSoftware and Uncategorized.

How to Remove Autorun Virus?


1.Symptoms of infection:

Hard disk autoplay
msconfig  disabled
Hidden files and folders disabled .

2.W32/Autorun Worm:

CleanAutoRun.exe will detect and remove the W32/Autorun Worm and its variants completely from your system. Download cleanautorun.exe and save it on your desktop. Double click on CleanAutoRun.exe to execute it. Follow the user-friendly instructions to detect and remove the W32/Autorun Worm and its variants from your computer. This way, you can make sure that your computer and the data it contains are safe.

W32/Autorun Worm Virus Removal Tool Download.

3.Autorun Virus Removal method 1:

The autorun virus can be removed both manually and by using any autorun virus removal tool. The manual removal time of the virus depends on the intensity of the attachment of the virus to the system. To remove the virus manually, you need to:

1. Kill the autorun process through Task Manager.
2. Boot the system in safe mode and open the command prompt.
3. List all system and .exe files on the C drive (or your OS drive).
4. Disable hidden, system, and read only attributes for autorun.inf and ntdelect.com (not ntdetect.com)
5. Delete both the files.
6. Repeat these steps for all the drives on your computer.
7. Search for kavo.exe in C:\windows\system32\ and delete it.
8. Open registry editor and delete all the entries of kavo.exe under:
HKEY_LOCAL_MACHINE\SOFTWARE
HKEY_CURRENT_USER\SOFTWARE

4.Remove Autorun Virus in Minutes

The manual removal of autorun virus is recommended only to computer experts because removing or editing windows registry can cause severe damage to your system if you delete the wrong files. Therefore, it is always better to use autorun removal tool to remove the virus from your computer.

Want to squash those annoying pop up ads and get your PC running like new? Come get your free scan at Spyware Fix today!

Jim Marshall is an expert computer technician with fifteen years of experience in the industry. Since his own computer was destroyed by malicious software, he has been studying anti-spyware, adware, and malware systems for years. His website details the comprehensive results of this research, ranking the best anti spyware programs available.

http://www.spyware-fix.net/index.html

Autorun Virus Removal method 2:

1.Get autorun virus removal tool here


2.Now Press Win+R and enter cmd open Windows command prompt .
Now we are about to list hard disk files from command prompt .
for C drive type dir c:\ /a/w

remove autorun virus

If Autorun virus is present , It will get listed as shown above . There would be many other files like onlinegames , kavo.exe,.vbs , Heap41a , newfolder.exe,.com, ppt.exe etc .
These files include read only, archive, system and hidden file attributes associated with them.
So in next step we will remove these restrictions from the above suspicious files .
attrib -s -h -r c:\autorun.inf
or attrib -s -h -r c:\autorun.vbs ( Change the hard disk partitions as required)
Now remove all those files associated with autorun virus using del instruction .
Del autorun.inf or Del kavo.exe ( repeat the procedure for all the files and hard drives )
Or you can automate the process by notepad

 dir c:\ /a/w
attrib -s -h -r c:\autorun.inf
del autorun.inf

dir d:\ /a/w
attrib -s -h -r d:\autorun.inf
del autorun.inf

dir e:\ /a/w
attrib -s -h -r d:\autorun.inf
del autorun.inf

(Add the necessary hard disk partitions and files as per requirement ). Now copy the completed document in notepad and save as remove.bat . This file will remove all the autorun virus traces on execution .

After removing all the infected autorun virus files from hard drives , execute autorun virus removal tool on step 1 to remove further traces .

3. Repair registry to enable hidden files and folders .

Press Win+R and enter regedit . Now this will open the Windows registry . Move on to the following registration entries .

HKEY_LOCAL_MACHINE >SOFTWARE>Microsoft>Windows>CurrentVersion>Explorer>Advanced>Folder>Hidden>SHOWALL

Autorun virus usually alter this registration entry . Double click on CheckedValue and enter value data as 1 .  Now you would be able to enable hidden files and folders .



4. Turn off autorun feature in Windows .

This will avoid the execution of existing autorun worms in a PC and also one on USBs and CDs .

Copy the following command in notepad and save as removeautorun.reg

REGEDIT5
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@=”@SYS:DoesNotExist”

5. Restart your PC for the complete removal of Autorun virus .



Now almost all antivirus softwares like Kaspersky , Norton , NOD32 will remove autorun virus species. So keep your antivirus updated .

Posted in Uncategorized

Written by basil kp on September 20th, 2009 with no comments.
Read more articles on otherSoftware and Uncategorized.

Cedega

Cedega is built off of the Wine code to allow GNU/Linux users the opportunity to run applications built for Microsoft Windows on their computer systems. While Wine strives to support any and all applications, Cedega focuses mainly on video games. Cedega works on a monthly subscription service. By paying the subscription, you are entitled to updates for the software, support for your product, and access to the forums of TransGaming, the company that produces Cedega. Since this is a commercial product, the people creating updates and monitoring Cedega’s support are actual employees of TransGaming.

Many opinions exist as to whether Cedega is better than Wine or vice versa. Most people in the community forums suggest trying Wine first since it is free. Many others suggest Cedega since it is built specifically for gaming and is easier to configure. As you may have noticed, the communities surrounding open source software can offer quite a bit of help, but often are laden with individual opinions. Take the advice of those who are wise enough to tell you to use what works best for you.

To install Cedega, you first have to subscribe to TransGaming’s web site. Open Firefox and type http://transgaming.com in the address bar. This will take you to the home page of TransGaming Technologies, where you need to click on Register Now. You will be required to provide personal information to TransGaming as well as payment information. Once you have purchased your subscription, TransGaming will send you a temporary password and your login information. After you log into the TransGaming site, select Downloads | Cedega from the top menu bar.

From the Downloads page, you need to select the correct package to install. Scroll down to the middle of the page, locate cedega-small_6.0.2_all.deb, and double-click it. The download window should now open and ask you what you would like Firefox to do with this file. Since it is a DEB package, you have the option to leave the default Open With GDebi Package Installer, or you can choose Save File, which will save the package to your desktop to open later. Let’s keep the default, choose the Open With option, and then click OK. Doing so will launch the Package Installer window. Click the Install Package button at the top of the window to start
the installation process.

To run Cedega, go to Applications | Graphics | TransGaming Cedega. Once you accept the license, you will be taken to the Cedega Setup Wizard. The first page will give you an overview of the setup process. Click Forward to begin. At the second screen of the Setup Wizard, you will need to enter your username and password. This information is what you set up when you created your account at TransGaming.com. After you have entered this information, make sure that the Check For Updates box is checked and then click Forward.

The third page of the Setup Wizard deals with the hardware your computer uses. Although this information is detected, you can click the Autodetect button to run Cedega through this process if you feel it is inaccurate. Once you are satisfied with the hardware settings, click Forward.

The fourth page of the Cedega Setup Wizard will run a series of tests to see how well Cedega will run on your computer. Clicking the Run Selected Tests button will begin the tests. It is wise to leave all of the tests selected, especially since this is the first time you are running Cedega. Once the tests are complete, click the Forward button to complete the Setup Wizard.

The last screen will inform you that the setup has been completed. You can now click the Finish button to launch Cedega.

Source of Information : McGraw Hill Osborne Media How to Do Everything Ubuntu

Written by magakos on September 20th, 2009 with no comments.
Read more articles on Ubuntu Linux and otherSoftware.