The dll file could actually be the cause of you getting the downloader virus. First focus on deleting the dll file and then you can run a virus program to eliminate any other viruses on your computer. First find out what processes that dll file has attached itself to. Go to run and enter procexp. When that pops up go to find dll or handle and enter your dll file name. It will specify which processes it has attached itself. If it's not a vital process then you can kill the process and subsequently delete that dll file. If it's attached to the winlogon.exe or explorer processes then here are a few more steps. Right click on each process seperately and go to properties. Under threads you will need to right click and kill each instance of the dll. You will also need to do this with any handles listed. I had to suspend the winlogon handle. Then you should be able to delete that dll. If it's protected and you can't delete it. Move the file to another folder... I moved it to a new folder in My Documents. Then reboot and you should be able to delete that file. Good luck...
I don't know if there is a better solution but I think you have to reinstall windows
I think that some more info is needed like what operating system you use, have you tried to do it from a bootscan, what virus detection system do you have before this can be answered.
Turn off system restore and run a virus scan in safe mode. Email me if you have more questions.
Downloads popup generator malware and propagates the infection to other dummy system files. This contains the wintrim downloader Trojan
Try downloading and installing NOD32 (www.nod32.com) and perform a full system scan with NOD32 scanner (if the Trojan is already resident in memory, you might need to start Windows in Safe mode first).
I suspect that you have System Recovery turned on. You need to turn it off and then boot to safe mode to remove the virus (most of it). Check the Start/Help for how to do this.
AVG for windows seems to get rid of the downloader, but sometimes it comes back. i personally don't thonk you can get rid of them uless you are willing to do a full system restore. good luck!
Use the online scanner of TrendMicro to remove this trojan: housecall.trendmicro.com And here you can find information on this trojan: trendmicro.com Good luck, Jahewi :-)
If you are using WinXP you'll need to disable the 'system restore' function then download and run AVG antivirus from www.grisoft.com. You can buy 7.0 or download 6.0 for free. Hope this helps.
Disable your system restore, then reboot your comp, then after it boots back up, enable your system restore again. That will get rid of all of those stored files and settings in the System Volume Info folder..
I want to say that i used systheal antivirus to scan my system. I think that the performance of that antivirus was good than Quick Heal and Avira Antivirus.
You can remove it in safe mode. Just keep hitting F8 during bootup, then select safe mode. Once Windows loads, delete c:/do.exe. This is the quick and dirty way to stop this virus. Best to download and install AVG afterwards, and do a full system scan for remnants, but this will let you start the system at least.
To get rid of that Trojan file turn off System Restore and restart your computer then run another virus scan and it should come up clean. AV programs can't remove virus/virus infected files from System Restore. Don't forget to turn on System Restore again after you do the above. To disable Windows XP System Restore right click on My Computer, click on the System Restore tab and select Turn Off System Restore. Don't forget to turn it back on after doing the above.