Loading
Cleaned amvo.exe virus manually
11 June 2009Posted by
NAIDU
0 Comments
Today I got one virus in my system. When I try to login to the Yahoo messenger, it is closing without logging in. I have found a virus (don't know name) and cleaned it manually. I have taken the below steps to remove this virus manually.
- First I have checked in task manager, I didn't find any suspicious processes.
- Next I opened MSConfig (Go to run, and type msconfig). I have found one process with the name amvo.exe under the startup tab. It is located in Windows\System32 folder.
- I unchecked the process, and closed the msconfig window.
- Next I open Registry Editor (go to run, and type regedit). I have searched for "amvo.exe" and found one entry. I have deleted the whole key.
- Next I have tried to set the option to "show hidden files" (Go to Tools> View in windows explorer), as virus file is hidden. But it is not allowing me. As soon as I set it to show hidden files and clicked on ok, it is changing back to "Don't show hidden files".
- Then I have used Bullet Proof FTP software to browse the local disk, because it shows all files even hidden files. (I have already installed FTP software in my system. You can get free trial version from the website.)
- Then I have browsed to Windows\System32 folder, and deleted amvo.exe, amvo0.dll, amvo1.dll.
- This virus put an Autorun.inf file, and .cmd file in every drive's root. I have removed all those.
Don't forget to disable system restore before starting the cleaning process, and open windows in safe mode.
Update: I built two files to clean this virus automatically. After downloading the AMVO Cleaner, unzip the file to get a folder. Open that folder, and double click on the file named AMVO_Delete. It should have cleaned the virus. Please let me know whether your problem solved in the comments section below.
Subscribe to:
Post Comments (Atom)
Web Hosting and Domains
