I am using the last and updated version of Avast Home.
But it does not see the trojan on my lap-top.
Windows version XP-Home
Info about trojan:
Threat name
Win32.Trojan.Dialer.EJ
Filename
%%CommonFilesFolder%%\delsim\del.exe
Here is I found an info of manual deliting:
Kill processes:
csrss.exe, del.exe, dont delete me.exe, msn.exe, msnpaint.exe, notedpad.exe, open me.exe, winfile.exe
Help: how to kill malicious processes
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\update=%System%\winupdate\csrss.exe
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page=[site address 1]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title=Warrior !!! By Mr.X
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url=[site address 2]
Help: how to remove registry entries
Delete files:
csrss.exe, del.exe, dont delete me.exe, msn.exe, msnpaint.exe, notedpad.exe, open me.exe, winfile.exe, d.bmp
Help: how to remove harmful files
Delete directories:
C:\Windows\System\winupdate
C:\Windows\System32\winupdate
C:\Winnt\System32\winupdate
Misc:
is a number from 1 to 13.
[site address 1] is an address of a web site on the mrx-server.com domain.
[site address 2] is an address of a web site on the sex.nl domain.
Exact file location:
csrss.exe - C:\Windows\System\winupdate, C:\Windows\System32\winupdate or C:\Winnt\System32\winupdate
del.exe, dont delete me.exe, msn.exe, msnpaint.exe, notedpad.exe, open me.exe, winfile.exe, d.bmp - C:
Also additional info in here:
http://ca.com/us/securityadvisor/virusinfo/virus.aspx?id=63925