avmete.dll - Virus file - cannot remove

[Lynwood Page]

My virus protection software is telling me that I have a virus file at
\windows\system32\avmete.dll. The virus protection software will not remove
it and I can not remove it even when I boot to safe mode. The error message
just says that it can not be deleted. I am running Windows XP/SP1. Can
anyone point me in the right direction for how to get this virus file
deleted ? Many thanks.

 

[Milo \(MSPSS\)]

Mind if i ask what does your anti-virus named it to be? It smells and sound
like variant of vundo infection or similar since it uses BHO

As an option for a direct assistance you can call in 866 727 2338 if you are
in the US/CANADA
thats a Microsoft Security Free Support and Toll Free Assistance.

Thanks

"Lynwood Page" <lvpage@nc.rr.com> wrote in message
news:476bfc11$0$2366$4c368faf@roadrunner.com...
> My virus protection software is telling me that I have a virus file at
> \windows\system32\avmete.dll. The virus protection software will not
> remove
> it and I can not remove it even when I boot to safe mode. The error
> message
> just says that it can not be deleted. I am running Windows XP/SP1. Can
> anyone point me in the right direction for how to get this virus file
> deleted ? Many thanks.
>
>
>
>

 

[Kayman]

On Fri, 21 Dec 2007 12:46:20 -0500, Lynwood Page wrote:

> My virus protection software is telling me that I have a virus file at
> \windows\system32\avmete.dll. The virus protection software will not remove
> it and I can not remove it even when I boot to safe mode. The error message
> just says that it can not be deleted. I am running Windows XP/SP1. Can
> anyone point me in the right direction for how to get this virus file
> deleted ? Many thanks.

"The only way to clean a compromised system is to flatten and rebuild.
That¢s right. If you have a system that has been completely compromised,
the only thing you can do is to flatten the system (reformat the system
disk) and rebuild it from scratch (re-install Windows and your
applications)..."
http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

If reformatting is not an option for you then
download David H. Lipman's MULTI_AV.EXE from the URL:
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html

The web site is in German but the MULTI_AV scanning tool is in English.
Anyway, go down to near of the bottom of the page and you'll see a box
titled "Infos Zum Download - Multi-AV Scanning Tool". You'll see: Download
von www pctipp.ch and the link to download:
>> Multi_AV Scanning Tool 5.01 (679.88KB) -

Once you've clicked this link, it will bring to:
http://www.pctipp.ch/index.cfm?pid=1411&pk=28470.

You will have to wait for a few seconds or so and the 'Download file'
window should appear - just follow the prompts to download Multi_AV.exe

If however the 'Download file' window does not appear don't panic, don't
click, don't do anything, just look for:
Der Download started in wenigen Sekunden automatisch.
Fall nicht, klicken Sie bitte -hier-.

Translated to English:
The download process is going to start in a few seconds.
If not, click -here-.

This should be pretty self-explanatory.

Additional Instructions:
http://pcdid.com/Multi_AV.htm
Ignore the links displayed within this site as they are not valid anymore
and have not yet been updated to current status.

Still no luck? Go to:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Also:
"Your computer is not up to date with the latest version of Windows XP.
Upgrade to Windows XP Service Pack 2 (SP2) today to help keep your computer
secure (it's free!)."
http://www.microsoft.com/windowsxp/sp2/default.mspx

(do the upgrade to SP2 only after your OS is clean)

Suggested New Year resolution:
1. For day-to-day work/browsing operate as a 'normal' user i.e. utilize the
Limited User Account (LUA) and use the Administrator Account (AC) only
when absolutely necessary.

2. Secure, tighten up your Operating System (OS).

3. Keep your OS and all software on it updated/patched.

4. Reconsider using IE and OE.

5. Don't expose Services to public networks.

6. Use the in-build firewall and if applicable use a router.

7. Do not to use TCP/IP as transport protocol for NetBIOS, SMB and RPC and
leave TCP/UDP ports 135, 137-139 and 445 closed.

8. Routinely practice Safe-Hex.

9. Routinely backup your data.

10.Familiarize yourself with 'flatten' and rebuild your OS.

11.Review your installed 3rd party software applications
Remove clutter.

Detailed elaborations pertinent to the above mentioned points can be
provided.

Read, comprehend and implement.

Good luck

--
Security is a process not a product.
(Bruce Schneier)

 

[Lynwood Page]

My virus protection software is CA Anti-Virus. It says this:

avmete.dll Infection Win32/Kvol!generic Trojan



"Milo (MSPSS)" <V-4jpaca@mssupport.microsoft.com> wrote in message
news:83D789D7-3E5E-48D0-8B57-3593BC131314@microsoft.com...
> Mind if i ask what does your anti-virus named it to be? It smells and
sound
> like variant of vundo infection or similar since it uses BHO
>
> As an option for a direct assistance you can call in 866 727 2338 if you
are
> in the US/CANADA
> thats a Microsoft Security Free Support and Toll Free Assistance.
>
> Thanks
>
> "Lynwood Page" <lvpage@nc.rr.com> wrote in message
> news:476bfc11$0$2366$4c368faf@roadrunner.com...
> > My virus protection software is telling me that I have a virus file at
> > \windows\system32\avmete.dll. The virus protection software will not
> > remove
> > it and I can not remove it even when I boot to safe mode. The error
> > message
> > just says that it can not be deleted. I am running Windows XP/SP1. Can
> > anyone point me in the right direction for how to get this virus file
> > deleted ? Many thanks.
> >
> >
> >
> >
>

 

[Singapore Web Design]

Hello,

Try performing a spyware scan by downloading and running SuperAntispyware
from here
http://www.superantispyware.com

(the free HOME edition is sufficient for the current problem)

--
Singapore Web Design
http://www.bootstrike.com/Webdesign/
Singapore Web Hosting
http://www.bootstrike.com/WinXP/faq.html
Windows XP FAQ

"Lynwood Page" <lvpage@nc.rr.com> wrote in message
news:476bfc11$0$2366$4c368faf@roadrunner.com...
> My virus protection software is telling me that I have a virus file at
> \windows\system32\avmete.dll. The virus protection software will not
> remove
> it and I can not remove it even when I boot to safe mode. The error
> message
> just says that it can not be deleted. I am running Windows XP/SP1. Can
> anyone point me in the right direction for how to get this virus file
> deleted ? Many thanks.
>
>
>
>

 

[Volodymyr Shcherbyna]

On your place I would download autorun tools from sysinternals.com and look
for all traces of this dll in shell extensions, BHO and other locations.
Then, I would delete the corresponding registry entry that loads this DLL at
windows startup and I would do a reboot of machine. After that I guess, you
will be able to delete file from your drive.

--
Volodymyr
NG tips:
http://msmvps.com/blogs/v_scherbina/pages/microsoft-newsgroups-tips.aspx

"Lynwood Page" <lvpage@nc.rr.com> wrote in message
news:476bfc11$0$2366$4c368faf@roadrunner.com...
> My virus protection software is telling me that I have a virus file at
> \windows\system32\avmete.dll. The virus protection software will not
> remove
> it and I can not remove it even when I boot to safe mode. The error
> message
> just says that it can not be deleted. I am running Windows XP/SP1. Can
> anyone point me in the right direction for how to get this virus file
> deleted ? Many thanks.
>
>
>
>

 

[Arkadiusz 'Black Fox' Artyszuk]

Re: avmete.dll - Virus file - cannot remove

Lynwood Page wrote:

> My virus protection software is telling me that I have a virus file at
> \windows\system32\avmete.dll. The virus protection software will not remove
> it and I can not remove it even when I boot to safe mode. The error message
> just says that it can not be deleted. I am running Windows XP/SP1. Can
> anyone point me in the right direction for how to get this virus file
> deleted ? Many thanks.

Boot to recovery console and delete that file.

--
Regards
Arkadiusz 'Black Fox' Artyszuk

 

[Lynwood Page]

Hello,
I downloaded your SuperAntiSpyware software and ran it. It did not
detect or remove the avmete.dll virus I have but it still looks like a
pretty good product. Thanks for your help.



"Singapore Web Design" <SingaporeWebDesign_ng2@bootstrike.com> wrote in
message news:OetdybMRIHA.2396@TK2MSFTNGP02.phx.gbl...
> Hello,
>
> Try performing a spyware scan by downloading and running SuperAntispyware
> from here
> http://www.superantispyware.com
>
> (the free HOME edition is sufficient for the current problem)
>
> --
> Singapore Web Design
> http://www.bootstrike.com/Webdesign/
> Singapore Web Hosting
> http://www.bootstrike.com/WinXP/faq.html
> Windows XP FAQ
>
> "Lynwood Page" <lvpage@nc.rr.com> wrote in message
> news:476bfc11$0$2366$4c368faf@roadrunner.com...
> > My virus protection software is telling me that I have a virus file at
> > \windows\system32\avmete.dll. The virus protection software will not
> > remove
> > it and I can not remove it even when I boot to safe mode. The error
> > message
> > just says that it can not be deleted. I am running Windows XP/SP1. Can
> > anyone point me in the right direction for how to get this virus file
> > deleted ? Many thanks.
> >
> >
> >
> >
>
>

 

[Lynwood Page]

Re: avmete.dll - Virus file - cannot remove

Hello,
I had to do some work to figure out how to get the computer to boot to
the recovery console. It involved installing something from the XP Source
CD. I was able to boot to the recovery console and delete the avmete.dll
file. I knew there had to be a way to do that. Thanks for pointing me in
the right direction.



"Arkadiusz 'Black Fox' Artyszuk" <blackfox@x-privat.org> wrote in message
news:u273n3tpg5tvgcvna9q1l1mfltm7u7s161@blackfox.org...
> Lynwood Page wrote:
>
> > My virus protection software is telling me that I have a virus file at
> > \windows\system32\avmete.dll. The virus protection software will not
remove
> > it and I can not remove it even when I boot to safe mode. The error
message
> > just says that it can not be deleted. I am running Windows XP/SP1. Can
> > anyone point me in the right direction for how to get this virus file
> > deleted ? Many thanks.
>
> Boot to recovery console and delete that file.
>
> --
> Regards
> Arkadiusz 'Black Fox' Artyszuk