
Trojan horse Downloader.dyfica.


Name: DustyLee
Date: January 29, 2004 at 07:33:15 Pacific
OS: Windows ME
CPU/Ram: AMD K6
Comment:

HELP! Computer idiot here. Recently loaded free version AMG virus scan and it says I have the trojan horse downloader virus. I've not noticed any difference in the way the puter is working however. When I try to move it to the virus vault, msg pops up that it cannot be moved. Location is C:\_RESTORE\TEMP\A0155409.CPY. There are actually 7 of these locations, all the same except the last 3 digits go from 409 - 415, and the virus name is the same except for the last letter (i.e. dyfica.p or dyfica.q etc.). The letters are Q,P,I,K,E,G,G.

This is my first time to this site - all help will be greatly appreciated. If you need more OS or CPU/RAM info and you'll tell me where to find it - I'll gladly supply the info. Thanks!!!

I saw this addressed once before, but, being a computer dummy, not sure if that answer was appropriate for my situation.




Response Number 1
Name: DustyLee
Date: January 29, 2004 at 07:47:04 Pacific
Reply:

P.S. I've downloaded the Hijack program I've seen referenced a few times, however don't have a program on my puter to unzip it. <sigh> Anyone know of a good freeware zip program?



0

Response Number 2
Name: murve
Date: January 29, 2004 at 07:56:01 Pacific
Reply:

hi carole,
try this:

Remove these registry entries if present:

HKEY_CLASSES_ROOT\clsid\{405fd721-04ef-4ef2-ab96-fb31d32d4643}
HKEY_CLASSES_ROOT\clsid\{a0f0d762-d1de-43af-b70e-d87864743eb3}
HKEY_CLASSES_ROOT\clsid\{f7f808f0-6f7d-442c-93e3-4a4827c2e4c8}
HKEY_CLASSES_ROOT\clsid\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
HKEY_CLASSES_ROOT\typelib\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
HKEY_CLASSES_ROOT\typelib\{f7f808f0-6f7d-442c-93e3-4a4827c2e4c8}

Remove these files if present:

Open the 'Downloaded Program Files' folder and delete the entry for 'NSUpdateLiteCtrl Class' (NSUpdate variant), 'NSLiteUpdateCtrl Class' (NSLite variant), 'MoneyTree Dialer' (UniDist variant), 'MultiDist' (MultiDist variant), or 'Software Update Manager' (DyFuCA variant).

Kill these running processes with Task Manager:

programfilesdir+\dialers\stmtdlr.exe
actalert.exe
optimize.exe
stmtdlr.exe
view_sex_now.exe

or if found:

bl-install4.exe
blss.exe
installer.exe
removeme.exe
safesurfing.exe
ssupdate.exe
un-bl.exe
updaterinstall_102.exe


Follow these steps to remove DyFuCA/Internet Optimizer from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.

Unregister these DLLs with Regsvr32, then reboot:
nem214.dll
iopti130.dll
nem207.dll
nem210.dll
nem212.dll
wsem210.dll
safesurfing.dll
ssurf022.dll


Remove these registry items (if present) with RegEdit:
HKEY_CLASSES_ROOT\clsid\{405fd721-04ef-4ef2-ab96-fb31d32d4643}
HKEY_CLASSES_ROOT\clsid\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
HKEY_CLASSES_ROOT\clsid\{a0f0d762-d1de-43af-b70e-d87864743eb3}
HKEY_CLASSES_ROOT\clsid\{bf279130-3f58-4e26-8043-cd5688a4d4c9}
HKEY_CLASSES_ROOT\clsid\{c89bb48c-15d9-4f4f-803e-95d90f62be62}
HKEY_CLASSES_ROOT\clsid\{e8edb60c-951e-4130-93dc-faf1ad25f8e7}
HKEY_CLASSES_ROOT\clsid\{fc87a650-207d-4392-a6a1-82adbc56fa64}
HKEY_CLASSES_ROOT\interface\{563e5df0-2c1c-4513-bbf5-d380536bb8fc}
HKEY_CLASSES_ROOT\interface\{9f2c17ac-9aa4-4c3a-82c7-ea7bcf00f03d}
HKEY_CLASSES_ROOT\interface\{ca7ccb52-6922-47e5-b784-3a3f82c51863}
HKEY_CLASSES_ROOT\interface\{f332d106-2ef3-45c4-baf2-0f739d76b26a}
HKEY_CLASSES_ROOT\multidist.multidistctrl.1
HKEY_CLASSES_ROOT\typelib\{11b6f65d-7b8d-43cb-9aae-17234a1db33a}
HKEY_CLASSES_ROOT\typelib\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
HKEY_CLASSES_ROOT\typelib\{96b01a48-1317-4a87-91f7-10116f755705}
HKEY_CLASSES_ROOT\typelib\{f7f808f0-6f7d-442c-93e3-4a4827c2e4c8}
HKEY_CLASSES_ROOT\unidist.unidistctrl.1
HKEY_CURRENT_USER\software\fci
HKEY_LOCAL_MACHINE\clsid\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
HKEY_LOCAL_MACHINE\software\fci
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{e8edb60c-951e-4130-93dc-faf1ad25f8e7}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{fc87a650-207d-4392-a6a1-82adbc56fa64}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/muldist.ocx\searchassistant
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/unidist.ocx
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\c:\windows\downloaded program files\muldist.ocx
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls\c:\windows\downloaded program files\unidist.ocx


Or These Registry Entries:

HKEY_CLASSES_ROOT\interface\{1c01d150-91a4-4de0-9bf8-a35d1bdf1001}
HKEY_CLASSES_ROOT\typelib\{0be10b0d-b4db-4693-9b1f-9aead54d17dc}
HKEY_CLASSES_ROOT\typelib\{40b1d454-9ca4-43cc-86aa-cb175eac52fb}
HKEY_LOCAL_MACHINE\software\avenue media
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f7f808f0-6f7d-442c-93e3-4a4827c2e4c8}

Remove these files (if present) with Windows Explorer:

programfilesdir+\dialers\stmtdlr.exe
systemroot+\downloaded program files\moneytree dialer
systemroot+\downloaded program files\muldist.inf
systemroot+\downloaded program files\muldist.ocx
systemroot+\downloaded program files\multidist
systemroot+\downloaded program files\nsliteupdatectrl class
systemroot+\downloaded program files\nsupdatelitectrl class
systemroot+\downloaded program files\software update manager
systemroot+\downloaded program files\unidist.inf
systemroot+\downloaded program files\unidist.ocx
actalert.exe
cln4380.tmp
iopti130.dll
nem207.dll
nem210.dll
nem212.dll
optimiser.msg
optimize.exe
unidist.ocx
view_sex_now.exe
wsem210.dll
bl-install4.exe
blss.exe
installer.exe
removeme.exe
safesurfing.dll
safesurfing.exe
ssupdate.exe
ssurf022.dll
un-bl.exe
updaterinstall_102.exe

For more info on trojans, go to the www.thepublicworks.com security section.
Hope this helps,
murve


0
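A read-only way to see which of the items listed in the reply above are actually present before deleting anything, as an added example that is not part of the original post. The function names `classify`, `present` and `audit` are hypothetical, and mapping `programfilesdir+` and `systemroot+` to the `ProgramFiles` and `SystemRoot` environment variables is an assumption. The `shareddlls` lines are checked as value names, because Windows stores SharedDLLs entries as values rather than subkeys.

```python
import os

try:
    import winreg  # only present on Windows; elsewhere registry checks return None
except ImportError:
    winreg = None

# Placeholder prefixes used in the post, mapped to environment variables (assumed mapping).
PLACEHOLDERS = {"programfilesdir+": "ProgramFiles", "systemroot+": "SystemRoot"}
SHARED_DLLS = r"software\microsoft\windows\currentversion\shareddlls"


def classify(line, env=os.environ):
    """Turn one indicator line into ('reg_key'|'reg_value'|'file'|'name', ...)."""
    line = line.strip()
    low = line.lower()
    if low.startswith("hkey_"):
        hive, _, sub = line.partition("\\")
        # SharedDLLs holds file paths as value names, not subkeys, so split there.
        if sub.lower().startswith(SHARED_DLLS + "\\"):
            return ("reg_value", hive.upper(), sub[:len(SHARED_DLLS)], sub[len(SHARED_DLLS) + 1:])
        # ModuleUsage key names really contain '/', so the subkey is kept verbatim.
        return ("reg_key", hive.upper(), sub)
    for prefix, var in PLACEHOLDERS.items():
        if low.startswith(prefix):
            return ("file", env.get(var, "%" + var + "%") + line[len(prefix):])
    return ("name", line)  # bare file name: location unknown, search for it


def present(item):
    """Read-only check: True/False, or None when it cannot be decided here."""
    kind = item[0]
    if kind == "file":
        return os.path.exists(item[1])
    if kind == "name" or winreg is None:
        return None
    try:
        with winreg.OpenKey(getattr(winreg, item[1]), item[2]) as key:
            if kind == "reg_value":
                winreg.QueryValueEx(key, item[3])
        return True
    except OSError:
        return False


def audit(lines, env=os.environ):
    """Return (line, present?) pairs for a pasted block of indicator lines."""
    return [(line.strip(), present(classify(line, env))) for line in lines if line.strip()]
```

Paste the lists from the reply into a text file and pass its lines to `audit`; anything reported `True` is worth backing up and then removing by hand as the reply describes.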

Response Number 3
Name: murve
Date: January 29, 2004 at 08:18:47 Pacific
Reply:

hi carole,
If the above manual delete is too complicated for you, why not try downloading a copy of Spybot and Adaware? Both will help you solve the problem.
Also download a free copy of A2 anti-trojan; you can find the link at www.thepublicworks.com. As for getting a free zip program, go to www.webattack.com and link to freeware, then look under zip software.
all the best,
murve


0

Response Number 4
Name: murve
Date: January 29, 2004 at 09:11:40 Pacific
Reply:

hi carole,
My apologies, the link for the free A2 anti-trojan is through the ants anti-trojan link on thepublicworks site.
murve


0

Response Number 5
Name: glohworm
Date: February 1, 2004 at 15:57:16 Pacific
Reply:

Hi all,

I'm new here like Carole and I've been trying to rid my PC of Downloader.Dyfica.v for several days now. My AVG program spotted it but couldn't delete it. I downloaded and ran two Trojan removers and they couldn't even find it. I've tried Spybot as well. :( From what I understand, this trojan monitors your internet activities and doesn't screw with any programs. But still, it's annoying, to say the least. I remember when I had the Blaster, I went to Norton and they had a patch/fix to remove it. Could they have the same for this little culprit? Thanks.


0
