What is it???
AMVO.exe is a trojan/backdoor
Symptoms:

• Folder Option is not working - you cannot enable the Folder Option or show the hidden files running into you computer.
• Hidden file problem
• Always open new windows in all drives
• Error occur of the memory reference

Here are the steps for removing it manually

1. Uncheck amvo.exe from msconfig>> startup (type msconfig in run and click on the startup tab) also and restart your system

1. Click Start > Run and type REGEDIT
2. Go to HKEY_CURRENT_USER > SOFTWARE > Microsoft > Windows > CurrentVersion > Explorer > Advanced
3. On the right side, double click the hidden value and give it a value of 1.
4. Same for HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Explorer > Advanced > Folder > Hidden > SHOW ALL Change the value of Checked Value to 1.
5. Check if your Folder Option if its working now. If it works! OK you are now ready to delete the Amvo.exe virus now.

Sometimes folder options in your PC may get disabled by some virus and after removing the virus, you can not use folder options
here i am sharing some tricks to activate folder options again
Before doing this first remove that virus from ur computer using some good AV
method:1
type “regedit” in run command and hit enter
find any of the following keys:
User Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\ Explorer
System Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\ Explorer
Value Name: NoFolderOptions
Data Type: REG_DWORD (DWORD Value)
Value Data: 0 = show options, 1 = hide options
method:2
do: start > Run > Type gpedit.msc > hit enter > User Configuration > Administrative Templates > Windows Components > Windows Explorer > select Removes the Folder Options menu item from the Tools menu. > Right click: > Properties > Disable > Apply
done!!

QQRob-ABXVirus.Vbs.Small.a

Download Perlovga Removal Tool

Redlof is polymorphic virus that embeds itself without any attachment to every e-mail sent from the infected system. It executes when an infected email message is viewed The HTML.Redlof.A is a very pestering virus. From what I gather, neither does it create any loss of data nor does it send any personal information across the net.

But what it does is horrible. It actually comes in the form of a script. The script is copied onto several other .htm, .html, .vbs, .asp, .htt, .jsp files on your hard drive. Then whenever any of these files are executed, the script is copied onto more files which create more files and so on.

VBS/Redlof.A@m executes directly from an infected message by using a security vulnerbility in Internet Exlorer known as Microsoft VM ActiveX Control Vulnerability. More information about the vulnerability and a fix is available from Microsoft: http://www.microsoft.com/technet/security/bulletin/ms00-075.asp

The virus also infects files with extensions “htm”, “html”, “asp”, “php”, “jsp”, “htt” or “vbs”.

Redlof drops the following infected files:

\Program Files\Common Files\Microsoft Shared\Stationery\blank.html
\Windows\System\Kernel32.dll
\Windows\web\kjwall.gif
\Windows\system32\desktop.ini

“blank.html” is used to replace the default stationaries for both Outlook and Outlook Express via registry causing that the every message sent from an infected system will carry the virus.
The “Kernel32.dll” is also set to registry so that it will be executed on the system restart:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Kernel32

Download Removel tools

http://www.gdata.pl/kmdownload/download.php?op=getit&id=61

http://www.softpedia.com/get/Antivirus/Redlof-Remover.shtml

( Also known as: Virtumonde, Msevents,and Vundo, Trojan.vundo )

My friend had a problem with his computer. He was getting the following message when opening Orkut:

ORKUT IS BANNED,Orkut is banned you fool`,The administrators didnt write this program guess who did??`r`r                                               MUHAHAHA!!

On further research I found out that this is caused by a worm called win32.USBworm. It also blocks Firefox from accessing the internet. The following message comes when opening Firefox:

I Dnt Hate Mozilla But Use IE Or Else… with title as Use Internet Explorer U Dope.

And it also blocks Youtube popping up the following message:

youtube IS BANNED,Orkut is banned you fool`,The administrators didnt write this program guess who did??`r`r                                               MUHAHAHA!!

Follow the steps below to remove this worm from the infected machine:

1. Open Task Manager –> Processes –> Find svchost.exe under the user account (There will be others under network and system accounts. Don’t close them). There will be two svchost.exe under the user account. Kill both of them.
2. Then go to Start –> Run –> regedit and find the following key:
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
   Delete Winlogon key from the right hand pane.
3. Enable your “Show hidden files and folders”
4. After completing step 3, issue the following commands from the command prompt:
   Open command prompt and execute the following command:
   attrib -S -H -R C:\heap41a
   After executing the above command, execute the following command:
   rmdir /s /q C:\heap41a
   Replace C:\ with your system drive.
5. If you are using a flash drive, remove microsoftpowerpoint.exe and autorun.inf from the drive.
6. Go to your start menu –> All Programs –> Startup. Make sure there is no unnamed suspicious file in the startup folder.
7. Turn off system restore and turn it on again.
8. Restart your computer.

Alt method

Hopefully this will remove the worm from the infected system. Please tell us your experiences about this. If you have any doubts, please ask me via comments below.