Wednesday, February 13, 2008

Getting Wifi to Work with Fedora 8 on V3000

So far...

Downloaded NDISWrapper.
Tried make. Got


[root@localhost ndiswrapper-1.52]# make
make -C driver
make[1]: Entering directory `/home/arun/ndiswrapper-1.52/driver'
Makefile:24: *** Kernel tree not found - please set KBUILD to configured kernel. Stop.
make[1]: Leaving directory `/home/arun/ndiswrapper-1.52/driver'
make: *** [all] Error 2


Problem was I dint have the source, downloading source. But what is the kernel number ?

uname -r


I knew I had a source downloaded somewhere...

find | grep '2\.6'

Saturday, February 2, 2008

amvo.exe Virus Manual Removal Steps

Intro

This is a nasty virus, dont know who dropped it on me. It spreads via USB Memory Sticks. It cannot be seen in the process list, hides itself and hides all files. And my antivirus doesn't seem to find a problem! :(

Some Symptoms


  • Cannot show hidden files

  • Slows down USB devices

  • Adds infections to plugged in USB devices

  • Drives open in new windows from My Computer



How to get rid off?
Step 1
The usual way is to Format the system, but it is not a permanent solution. To get rid run regedit, find all keys related to amvo.exe or the name of the virus.
Run msconfig in the Start Up Tab you can find the amvo.exe or its variants.
Remove all occurrence of the name from regedit.
Reboot the System.

Step 2
Reboot and do the following changes to the Registry using regedit

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer searchidden en 1

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer searchsystemdirs en 1

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced hidden en 1

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced showsuperhiden en 1

HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced superhiden en 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN CheckedValue 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN DefaultValue 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL CheckedValue 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL DefaultValue 1


HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Policies\Explorer NoDriveTypeAutoRun 0x00000091 (145)



-- OR --

Reboot into a different OS and do the following

Step 3
From all the drives delete the autorun.inf using command line (if on windows) or from a linux OS. Do not open the drive from the explorer as it would spread the virus again to this OS. If you have linux installed and can access all partitions on the disk, go delete the files and clear the trash on all drives.

Step 4
Reboot the system.
Do necessary changes as in Step 2, if you have not done those.

I hope that will do it
Install a good antivirus update it.
Prevent Autorun from USBs.

To disable Autoplay of all drives
Start > Run > gpedit.msc

Enable : Computer Configuration > Administrative Templates > System > Turn Off Autoplay



Anything more ?

Related Pages
Amvo Removal Tool