|
|
|||||||
|
Welcome to the PK Forum Community forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact us. |
 |
|
|
LinkBack | Thread Tools | Display Modes |
17-01-2008, 08:52 AM
|
#1 |
|
Windows Virus
Darkprince
Member
 Join Date: Jul 2007
Posts: 110
17-01-2008, 08:52 AM
Rating:
 ()
I need help Guys my system is infected With virus every drive of it is infected with virus. every time whenever i try to open a drive my antivirus (NOD32) pops up with warning with Virus threat, that window pops up for three consecutive times and drive opens after third warning. i am posting screen shots of that warning. i scanned two drives out of five and after scanning and deleting virus those two drives won't open at all but gives me a Open With, Window. can u help me with this guys?
Last edited by Darkprince : 04-02-2008 at 07:28 AM. |
|
|
Views: 318
|
|
|
17-01-2008, 09:43 AM
|
#2 (permalink) | ||||||||
|
Super Moderator
 
Location: Karachi
Credits: 25,733
 |
This is the same kind of problem Fahim was facing.
amvo.dll Check this thread out. There you can find that amvo.dll aswell. Try some suggestions that were put forward by members. Or else try using some other antivirus. (Provided its up-to-date with the latest antiviral definitions).
__________________
__________________ Rig: AMD Sempron64 2800+ <> ASUS K8N nForce3 250 <> 768MB Ram <> ASUS AX1650 (256 Mb / 128 Bit) <> 80Gb HDD <> ASUS QuietTrack 52x CDR <> Samsung 18x WriteMaster DVDRW <> Samsung 19" SyncMaster 940BW Widescreen LCD <> Worldcall EVDO 512K. Important Message: Please do not SPAM, abuse or disrespect any PK Forum member. |
||||||||
|
|
|
|
17-01-2008, 09:52 AM
|
#3 (permalink) | ||||||||
|
PK Addict
 
Credits: 63,436
|
try kaspersky...
or try to update ur antivirus... and then check back!!!!!!!
__________________
AM2 5200+ X2 Overclocked ~ 3.0 Ghz  || MSI K9N SLI Platinum || INNO3D 8800GT (700/2000)  |Cooler Master 600 Watts SLI PSU |2GB XMS 2 DHX Dominator DDR2 800 Bus (4-4-4-12-1T) |WD 250GB x2 SATA II 16mb Cache || Creative SB Live 5.1 Digital || 5.1 Creative Sound Speakers||19" NEC MultiSync LCD || Modded Hercules Gaming Case.... |A4tech X-750F Gaming Mouse| Channel 1KA UPS ||Dual Boot Windows XP Professional SP3 Windows Vista Ultimate SP1 (PRE-Activated)...... 
|
||||||||
|
|
|
|
17-01-2008, 03:50 PM
|
#4 (permalink) | ||||||||
|
PK Addict
 
Location: Islamabad
Credits: 32,850
|
Check this i validated my key from 19 Jan 2008 to 3 May 2008..
 Check this also : http://tutors.fatfreehost.com/nod32/ I just installed and used the 3rd or 4th one on the list and it worked, gave me a few months. 
__________________
~Bud-haal Pakistan, Khush-haal Hukmuraan.~ |
||||||||
|
|
|
|
18-01-2008, 01:35 AM
|
#5 (permalink) | ||||||||
|
PK Addict
Location: Karachi
Credits: 31,187
|
Its not few month Armani bro ,this will only last for 24 hours and then you have to enter the different one.
I have been doing this from the last month.
__________________
 ------------------------------------- Love Islam |
||||||||
|
|
|
| Sponsored links | |
|
Advertisement
|
|
|
18-01-2008, 03:31 AM
|
#6 (permalink) | ||||||||
|
Moderator
 
Location: Islamabad
Credits: 167,255
|
i dont really get it. the free antiviruii and free firewalls are just as good as these and arent bloatwares
i am using AVG on one machine and a "proper" licenced version of kaspersky on the other. i also have alwil's antivirus on a 3rd. and all are equally capable products. i see no reason to pay or cheat for antivirus programs as the free ones are just as good. The same goes for firewalls. those with routers probbaly have one already and there are free alternatives. the best being comodo personal firewall. This with a good free antivirus is a very good idea. get rid of licensing headaches for once and for all there are free anti-spy-ware as well, though i havent seen a lifetime free active scanner. but spybot even though is really old holds its own and is a very good program. thus AVG+comodo+spybot =Free = Pretty good! |
||||||||
|
|
|
|
18-01-2008, 07:19 AM
|
#7 (permalink) | ||||||||
|
Member
Credits: 2,644
|
Yaar i scanned and deleted Virus on two drives but now the problem is that i can't open these drives directly whenever i try to open the drive it gives me a "open with" window. now whenever i have to open drive i have to go to the run and then browse to the desired drive. how can i solve my problem.
|
||||||||
|
|
|
|
18-01-2008, 07:42 AM
|
#8 (permalink) | ||||||||
|
Moderator
 
Location: Karachi
Credits: 63,508
|
See if you have an Autorun.inf in each partition. if it is then windows explorer is doomed. Run trendmicro's hijackthis to see if the virus is still in registry's run. post the LOG from Hijackthis.
Hijackthis http://www.speedyshare.com/200360793.html I had to manually kill amvo.dll using kill box. Norton everytime detected and cleaned it but it was coming back because of system restore. Disable it before any removal. Killbox http://www.speedyshare.com/199976245.html And are you able to turn off or on hidden system files?
__________________
  Amd Athlon3200+ Asus A8v,1gb ksgtn400mhz ddr 200GB SegateSSata 7200 rpm 8mb, NvidiaGeforce8500GT 512mb Hp P1230 22 inch Flat screen CRT CreativeSB live5.1 @ Inspire5.1 t5400speakers + Aiwa NSX-SZ70 digital amp with 2*170W woofers with 2*60W spks A4tech HD200 7.1 Headphones SamSung DVDRW SATA Promedia Enforcer Blue Case with 400 watt PSU. |
||||||||
|
|
|
18-01-2008, 07:46 AM
|
#9 (permalink) | ||||||||
|
Moderator
Location: Karachi
Credits: 63,508
|
Removing Autostart Entries from the Registry
This solution deletes registry entries added by this malware. Before performing the steps below, make sure you know how to back up the registry and how to restore it if a problem occurs. Refer to this Microsoft article for more information about modifying your computer's registry. Open Registry Editor. Click Start > Run, type REGEDIT, then press Enter. In the left panel, double-click the following: HKEY_CURRENT_USER>Software>Microsoft>Windows> CurrentVersion>Run In the right panel, locate and delete the entry: avpa = "%System%\avpo.exe" (Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows 98 and ME, C:\WINNT\System32 on Windows NT and 2000, or C:\Windows\System32 on Windows XP and Server 2003.) Close Registry Editor. Restoring Other Registry Entries This solution modifies registry entries modified by this malware. Before performing the steps below, make sure you know how to back up the registry and how to restore it if a problem occurs. Refer to this Microsoft article for more information about modifying your computer's registry. Still in Registry Editor, in the left panel, double-click the following: HKEY_CURRENT_USER>Software>Microsoft>Windows> CurrentVersion>Explorer>Advanced In the right panel, locate the entry: Hidden = "2" Right-click on the value name and choose Modify. Change the value data of this entry to: 0 In the left panel, double-click the following: HKEY_CURRENT_USER>Software>Microsoft>Windows> CurrentVersion>Explorer>Advanced In the right panel, locate the entry: ShowSuperHidden = "0" Right-click on the value name and choose Modify. Change the value data of this entry to: 1 In the left panel, double-click the following: HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows>Curr entVersion> Explorer>Advanced>Folder> Hidden>SHOWALL In the right panel, locate the entry: CheckedValue = "0" Right-click on the value name and choose Modify. Change the value data of this entry to: 1 Close Registry Editor. Deleting Malware-created AUTORUN.INF/s Right-click Start then click Search... or Find..., depending on the version of Windows you are running. In the Named input box, type: AUTORUN.INF In the Look In drop-down list, select a drive, then press Enter. Select the file, then open using Notepad. Check if the following lines are present in the file: [AutoRun] open=ntdelect.com ;shell\open=Open(&O) shell\open\Command=utdetect.com shell\open\Default=1 ;shell\explore=Manager(&X) shell\explore\Command=utdetect.com If the lines are present, delete the file. Repeat steps 3 to 6 for AUTORUN.INF files in the remaining removable drives.
__________________
Amd Athlon3200+ Asus A8v,1gb ksgtn400mhz ddr 200GB SegateSSata 7200 rpm 8mb, NvidiaGeforce8500GT 512mb Hp P1230 22 inch Flat screen CRT CreativeSB live5.1 @ Inspire5.1 t5400speakers + Aiwa NSX-SZ70 digital amp with 2*170W woofers with 2*60W spks A4tech HD200 7.1 Headphones SamSung DVDRW SATA Promedia Enforcer Blue Case with 400 watt PSU. Last edited by Fahad : 18-01-2008 at 11:18 AM. |
||||||||
|
|
|
|
18-01-2008, 07:48 AM
|
#10 (permalink) | ||||||||
|
Moderator
Location: Karachi
Credits: 63,508
|
if it is not Avpo.exe then it will be Amvo. Run the Hijack this scan. Find the file path to amvo or avpo and kill it using killbox.
__________________
Amd Athlon3200+ Asus A8v,1gb ksgtn400mhz ddr 200GB SegateSSata 7200 rpm 8mb, NvidiaGeforce8500GT 512mb Hp P1230 22 inch Flat screen CRT CreativeSB live5.1 @ Inspire5.1 t5400speakers + Aiwa NSX-SZ70 digital amp with 2*170W woofers with 2*60W spks A4tech HD200 7.1 Headphones SamSung DVDRW SATA Promedia Enforcer Blue Case with 400 watt PSU. |
||||||||
|
|
|
| Sponsored links | |
|
Advertisement
|
|
Linear Mode
