.: Getting rid of AMVO.EXE, KAVO.EXE, New Folder. exe :.

Hi,

Amvo and Kavo are the recent viruses that mess up the hard disk and prevent direct access to the hard drives. They will create an autorun.inf files in each drive and wont let you open them by double clicking it. You have to right click and select “Explore” to open the drive.

Symptoms:
1. Couldnt open the hard drives directly by double clicking.
2. Messed up yahoo messenger.
3. Task Manager Disabled, Registry Editing Disabled.

I will tell you the easy way to get rid of these bugs easily with two softwares. First you have to download these following softwares.

UNLOCKER -> This software will be useful in deleting the files that are being used by other programs.

AVA-FIND -> This software is a search tool that will list all the files instantly.

Once you got these two softwares install it. Then all you got to do is find and delete. Install the ava find software and let it index your total hard disk, it may take few mins, but wait patiently. Once it is finished, we are ready to go.

Open ava find. Search for AMVO.EXE. It will list all the locations of that file. Go to those locations, Right click on the file and select UNLOCKER, there you unlock all the processes and select delete file option, unlocker will delete for you.

Similarly search for KAVO.EXE and delete those files at all locations.

You can delete New Folder. exe file too using this technique.

If you have svchost.exe problem too, you can use this method.

Once you are rid of amvo and kavo, you search for “autorun.inf”, in each drive there will be a file c:/autorun.inf, d:/autorun.inf……. delete all these autorun files using unlocker. Then restart your pc.. voila… you will find your pc clean of amvo and kavo.

Summary:

Step1: Download unlocker and avaFind.

Step2: Install them and wait till avaFind finishes indexing the whole hard disk.

Step3: Search amvo and kavo using avafind.

step4: Delete those files by right clicking on them and choosing unlocker.

step5: Delete autorun.inf files in all hard disk drives.

step6: Restart your pc.

This is bound to work, in any case if this doesnt work for you, then tell me, i will give u a workaround. ***Cheers***

.: SVCHOST BUG :.

Hi,

To check whether your pc is infected with SVCHOST.EXE virus, go to task manager by pressing ctrl+alt+del. In that click on processor tab, If there is any process running with Image Name as svchost.exe and the User Name is your login account name, then its a virus. Other than that all other svchost.exe that runs with username as LOCAL SERVICE OR NETWORK SERVICE OR SYSTEM are genuine windows processes.

Image Name = svchost.exe : User Name = login account name -> virus

Image Name = svchost.exe : User Name = LOCAL SERVICE OR NETWORK SERVICE OR SYSTEM -> Not virus

Right click on that virus and select “END PROCESS TREE”

Once u found that u have virus, go to command prompt by pressing (windows+r) and type “cmd” ( quotes for clarity) and click ok.. once you are in command prompt navigate to c:/windows/system32.

enter the command : dir /ah

it will list all the hidden files, if you find any file other than *.manifest files, they are viruses. There will be the svchost.exe file which is a virus. Delete them using the command “del filename” . if you get access denied error use the command “del /f/a filename”

step0: End the process tree in the task manager

step1: open command prompt

step2: Navigate to c:/windows/system32

step3: command -> dir /ah

step4: command -> del filename. If the file didnt get deleted and u get “ACCESS DENIED ERROR” then go to step5

step5: command -> del /f/a filename

Repeat the steps till you delete all the files except *.manifest files.

If you still cant get rid of that virus, feel free to leave a comment, i will suggest you someother workaround.