Try free downloads: RegSeeker and Ad-Ware 6. Regseeker wanted to delete 850 of my files but saw that someone else had gone with it and deleted them without effect, so then did I!! All is okay.
Reboot several times too. I think that "helps".
My AVG kept finding my Downloader.Small.5.N until this morning when it said it had healed it. Something here worked, and I have no idea what Downloader.Small.5.N does.
Failing the above, search on the internet for - Trojan Horse Downloader.small.EN. Loads of things there.
I found this Trojan Horse, but my version was 'Downloader.Small.6.1.'AVG found it in my C:/Progra Files folder. When I clicked on the file to Delete it, AVG threw up one warning after another. When it finally stopped, the Delete confdirmation box appeared on the screen. Again, AVG won't let you Delete it from the Recycle Bin, so I restarted in DOS mode, and used the Deltree command to Delete it for good.Any file can be Deleted in this mode but, unfortunately, I only know the command to delete the Bin.
Close the computer down then restart with the dos prompt. The prompt will indicate something like this "c:\>" type in as follows, press space then "del" then space again then type in the offending file name such as "C:\WINDOWS\system32\70000015.exe" then press return. Close down and restart normally. Your troubles are over.
All Trojan horses are hidden files so you would need to go to the Files Option (click the View tab)at Control Panel and uncheck both the *Hide file extension for known file types & *Hide protected operating system files (Recommended)-boxes, then OK yourself out. You will then need to restart your computer and and go into Safe Mode by holding the F8 key down -(kind of at the beginning of start up). When you're at the DeskTop screen go to Start/ Search/ For Files and Folders and type up the NAME OF THE FILE & EXT which would have shown up on your Anti-Virus software, you can delete this file from here.
I have had 4 Trojan horses on my C drive and kinda figured out the above method a week ago. I deleted the Temp file from the Restore folder after unchecking the hidden files boxes, then went to SafeMode to delete these 4 virus files. My computer is now absolutely FREE of these pests!
Downloads popup generator malware and propagates the infection to other dummy system files. This contains the wintrim downloader Trojan
Try downloading a program by the name of Avast it's a great virus scanner/protector :)
Disable System Restore (Windows Me/XP). Update the virus definitions. Restart the computer in Safe mode or VGA mode. Run a full system scan and delete all the files detected as Downloader.Trojan. Edit the registry and look for references to the Trojan.
Trojan Downloader is one of the most dangerous threats. Once this threat is infected with your computer, it is necessary to remove Trojan Downloader at once. There are some tips on how to remove and prevent Trojan Downloader from your PC below.
http://www.ca.com/us/securityadvisor/virusinfo/virus.aspx?ID=62504
Start up in safe mode. Then open the folder windows\system 32 and locate the kerberos.exe right click and do an antivirus scan. followed by qaurantining it. reboot and rescan. Bobs ur auntie
1. Start the computer at Safe Mode, go to c:\windows\system32.remove the mgo.dll directly. 2. run the Regedit,search the string of mgo.dll and then remove the string.
From adaware forum In case you don't have HijackThis...* Download Trend Micro Hijack This™Doubleclick the HJTInstall.exe to start it.By default it will install HijackThis in the Program Files\Trendmicro folder and create a desktop shortcut.HijackThis will open after install. Press the Scan button below.Then in HijackThis, look if one of the following is present and check it in HijackThis:(the CLSIDs {********-****-****-****-************} may be different in your case, but the filename is always the same)O2 - BHO: BetaDivX - {48BF2BC0-2945-11D8-8CAC-00080FC65465} - C:\WINDOWS\system32\IR9V0_QCX.dllO2 - BHO: BetaDivX - {D99BACC6-6289-4D4F-8BAF-4192016AF547} - C:\Windows\System32\bDivX.dllO2 - BHO: IntelVideoCodec - {33A12BEB-3219-4CA8-99B4-733192704C62} - C:\WINDOWS\system32\IntelVideoDivX.dllO2 - BHO: IntelVideoCodec - {04F7FAC5-F506-4F29-9094-9CB9144B192C} - C:\WINDOWS\system32\IntelVideo.dllO2 - BHO: IntelVideoCodec - {AF36E90A-44CA-4EE3-B578-C07383623217} - C:\Windows\System32\Video32.dllO2 - BHO: RealMedia - {87B570FB-D2CF-4D3C-8E1B-E1E7018BBA95} - C:\WINDOWS\system32\dx50codec.dllO2 - BHO: RealMedia - {0EEDB911-C5FA-486F-8334-57288578C627} - C:\WINDOWS\system32\XunLeiBHO_Now.dllO2 - BHO: 3GP - {5D67E2E7-0C2B-4491-87C4-37F2AC6033D2} - C:\WINDOWS\system32\a3gpcodec.dllO2 - BHO: AlphaDivX - {3B236BEE-8200-421D-919D-CA17D5739D8F} - C:\WINDOWS\system32\aDivX.dllO2 - BHO: Mp3 Video - {D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF} - C:\WINDOWS\system32\mp3avi.dllO2 - BHO: Mp3 Video - {2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99} - C:\WINDOWS\system32\VideoMP3.dllO2 - BHO: Video On-line - {741403DD-46A4-4D58-8FA7-427335C3BBF6} - C:\WINDOWS\system32\PowerVideo.dllO2 - BHO: Video DivX 3.12 - {09D72564-27E2-4F12-8AB6-03F83E4567DE} - C:\WINDOWS\system32\sysdivx.dllO2 - BHO: System DivX4 - {2FA3B736-1AC7-454D-8E94-8BA8158BF064} - C:\WINDOWS\system32\sysvideo32.dllO2 - BHO: System DivX4 - {2FA3B736-1AC7-454D-8E94-8BA8158BF064} - C:\WINDOWS\system32\sysvideo32.dllO2 - BHO: Video - {15FEB658-AACC-412E-BC13-D54CFD74A8F6} - C:\WINDOWS\stream32a.dllO2 - BHO: Video - {D0995F82-90C7-4C78-9B4C-C1700FB8B120} - C:\WINDOWS\windivx.dllClick the "Fix checked" button below.Then reboot your computer.After reboot, navigate to and delete one of the following file if still present (related with the entry you fixed in HijackThis):C:\WINDOWS\system32\IR9V0_QCX.dllC:\Windows\System32\bDivX.dllC:\WINDOWS\system32\IntelVideoDivX.dllC:\WINDOWS\system32\IntelVideo.dllC:\Windows\System32\Video32.dllC:\WINDOWS\system32\XunLeiBHO_Now.dllC:\WINDOWS\system32\dx50codec.dllC:\WINDOWS\system32\a3gpcodec.dllC:\WINDOWS\system32\aDivX.dllC:\WINDOWS\system32\mp3avi.dllC:\WINDOWS\system32\VideoMP3.dllC:\WINDOWS\system32\PowerVideo.dllC:\WINDOWS\system32\sysdivx.dllC:\WINDOWS\system32\sysvideo32.dllC:\WINDOWS\stream32a.dllC:\WINDOWS\windivx.dllAlso look if the following files are present and delete them:C:\Windows\System32\bDivX.dll.bakC:\WINDOWS\system32\IR9V0_QCX.dll.bakC:\WINDOWS\system32\IntelVideo.dll.bakC:\WINDOWS\system32\IntelVideoDivX.dll.bakC:\Windows\System32\Video32.dll.bakC:\WINDOWS\system32\XunLeiBHO_Now.dll.bakC:\WINDOWS\system32\dx50codec.dll.bakC:\WINDOWS\system32\a3gpcodec.dll.bakC:\WINDOWS\system32\aDivX.dll.bakC:\WINDOWS\system32\mp3avi.dll.bakC:\WINDOWS\system32\sysdivx.dll.bakC:\WINDOWS\system32\VideoMP3.dll.bakC:\WINDOWS\system32\PowerVideo.dll.bakC:\WINDOWS\system32\sysvideo32.dll.bakC:\WINDOWS\stream32a.dll.bakC:\WINDOWS\windivx.dll.bakNormally, by default, if you fix that entry in Hijackthis and your Internet Explorer is closed while fixing in HijackThis, HijackThis will already delete that file as well. So don't worry if you can't find the file afterwards anymore - HijackThis already deleted it. But it's always a good idea to doublecheck.Please make sure you don't delete "similar looking" files as they may be legitimate.In case when you're in doubt or it didn't solve your problem, please start a NEW thread in the HijackThisforum with your HijackThislog.FYI... Ad-Aware removes this pest as well. So make sure you have the latest updates.
W32/AutoIt Trojan and its variants VirusW32/Delf Downloader Trojan and its variants VirusW32/OnLineGames Password Stealer Trojan and its variants VirusW32/Agent Dropper Trojan and its variants W32/Agent.ENU.Dropper is a Trojan. The Trojan will infect Windows systems. VirusW32/Peacomm Trojan and its variants
On Windows XP: Restart windows in safe mode (press F8 after 2nd boot screen), then: 1. browse to c:\windows\system32 and search and delete bridge.dll 2. browse to c:\documents and settings\YOURUSERNAME\local settings\temp and delete all files restart windows in normal mode.
Dropper.small is a Trojan downloader
In NOTEPAD write this: @echo off SET FILE=sqll echo y | cacls c:\windows\system32\*FILE*.dll /g Everyone:f attrib -r -s -h C:\Windows\system32\*FILE*.dll ren C:\Windows\system32\*FILE*.dll *FILE*.old del C:\Windows\system32\*FILE*.old Than change the *FILE* to the filename infected and save this as REMOVE.BAT file. Run it in normal mode and the Trojan BackDoor.Agent.BA is OUT.