Remove Amitis. Description and removal instructions

Title: Amitis
Type: Backdoors	Severity scale: (84 / 100)

Amitis is a dangerous backdoor that gives the remote attacker full unauthorized access to a compromised computer. The threat uses files with random names. It automatically runs on every Windows startup.

FORUM:
Discuss Amitis in
spyware removal forum

Amitis properties:
• Allows remote user connection
• Hides from the user
• Stays resident in background

Automatic Amitis removal:

remover for Amitis

Amitis manual removal:

Kill processes:
kernel32.dli

HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kernel
HKEY_CURRENT_USER\Software\Microsoft\Notepad\showed=yes
HKEY_CLASSES_ROOT\.dli
HKEY_CLASSES_ROOT\dlifile

HELP:
how to remove registry entries

Delete files:
kernel32.dli

HELP:
how to remove harmful files

Misc:
The kernel32.dli file can be found in the default system directory, which is one of the following: C:\Windows\System, C:\Windows\System32 or C:\Winnt\System32.

The backdoor may use different files located in C:\Windows or C:\Winnt folder.

Amitis accepts remote connections on 3547, 7823, 12345, 13173, 44280, 44390, 473870, 64429 TCP ports.

Other programs to remove Amitis:

• SUPERAntiSpyware - Review - Download
• CounterSpy - Review - Download
• Windows Defender - Review - Download

Information added: 04/03/05
Information updated: 08/10/05

Additional resources related to Amitis:

Attention: If you know or you have a website or page about Amitis removal, feel free to add a link to this list: add url

more resources

Post Comment:

Attention: Use this form only if you have additional information about Amitis parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.