View Full Version : Virus.
itszutak
February 4th, 2008, 08:19 PM
So yeah. Virus.
I have one. Need to get rid of it.
Trojan horse Downloader.Generic6.AEPH at location
C:\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Content.IE5\UQ0SK3VN\!update-4495[1].txt
Can't just delete the whole folder, it's important, and the virus keeps coming back.
Please help :(
Phopojijo
February 4th, 2008, 08:29 PM
Only surefire way is to format your hard drive and reinstall Windows.
The virus isn't in there... just its companion. The virus itself is running elsewhere.
If you want -- you can check your Registry's startup folders (HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Windows -> CurrentVersion -> Run/RunOnce is the most popular one) -- but similar folders are in HKEY_USERS (and its per-user subfolders) and HKEY_CURRENT_USER.
Then if you have a rootkit then you cannot actually see it -- it edits the Windows Kernel to trick windows into assuming that it's the administrator and you're just a limited user who shouldn't be allowed to touch it.
Really "the virus doesn't keep coming back" -- you're just not killing the virus -- you're deleting files associated with the virus that the virus rebuilds.
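The Run/RunOnce check from the post above, as an added example that is not part of the original thread: it walks those keys under HKLM, HKCU and every loaded HKEY_USERS profile and flags commands that point into temp or browser-cache directories such as the Content.IE5 path reported here. The directory pattern is an assumed triage heuristic, and a rootkit of the kind the post describes can hide entries from it.

```python
import re
import sys

# Autostart keys named in the post; present under HKLM, HKCU and each HKEY_USERS\<SID>.
RUN_SUBKEYS = (
    r"Software\Microsoft\Windows\CurrentVersion\Run",
    r"Software\Microsoft\Windows\CurrentVersion\RunOnce",
)

# Assumed triage heuristic: autostart commands that reference temp or browser-cache
# directories, like the Content.IE5 path reported in this thread.
RISKY_DIRS = re.compile(
    r"(\\(temp|tmp|temporary internet files|content\.ie5)\\|%te?mp%)", re.IGNORECASE
)


def is_suspicious(command):
    """True if a Run/RunOnce command line references a temp or cache directory."""
    return bool(RISKY_DIRS.search(command))


def triage(entries):
    """Return only the (hive, subkey, name, command) entries worth a closer look."""
    return [e for e in entries if is_suspicious(e[3])]


def iter_run_entries():
    """Yield (hive, subkey, name, command) for every Run/RunOnce value. Windows only."""
    import winreg  # imported here so the pure functions above work on any OS
    roots = [("HKLM", winreg.HKEY_LOCAL_MACHINE, ""),
             ("HKCU", winreg.HKEY_CURRENT_USER, "")]
    index = 0
    while True:  # one HKEY_USERS subkey per loaded user profile
        try:
            sid = winreg.EnumKey(winreg.HKEY_USERS, index)
        except OSError:
            break
        roots.append(("HKU\\" + sid, winreg.HKEY_USERS, sid + "\\"))
        index += 1
    for label, hive, prefix in roots:
        for subkey in RUN_SUBKEYS:
            try:
                key = winreg.OpenKey(hive, prefix + subkey)
            except OSError:
                continue  # key absent or not readable by this account
            with key:
                for i in range(winreg.QueryInfoKey(key)[1]):
                    name, value, _ = winreg.EnumValue(key, i)
                    yield label, subkey, name, str(value)


if __name__ == "__main__" and sys.platform == "win32":
    for hive, subkey, name, command in triage(iter_run_entries()):
        print(f"REVIEW {hive}\\{subkey}: {name} = {command}")
```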
Bodzilla
February 4th, 2008, 08:29 PM
what anti virus software you using?
Phopojijo
February 4th, 2008, 08:30 PM
what anti virus software you using?
^<-- Once a virus gets in the computer -- that **will not do crap all** if the virus is smart enough to make sure it doesn't do crap all.
Viruses these days are *BIG* business... big business which wants to keep operating... and will use any and every trick in the book to make sure they keep operating. ((That's under the assumption you're NOT just lucky and the virus wasn't written by a small-timer))
Even if you kill the virus -- there's no telling how much damage the virus already did to open up holes for it and "friendly" viruses/hackers in the future.
That being said -- since you at least know you have a virus -- that's promising. The most dangerous ones are the ones which you don't know you have.
One of the reasons why I sigh at people with firewalls (excluding Windows Firewall since that's free and lightweight anyway) AND routers at the same time. The only extra protection the firewall will provide is outbound protection... If you need outbound protection -- you already got a virus -- it probably killed your firewall
4RT1LL3RY
February 4th, 2008, 08:45 PM
Run Windows in safe mode. Get rid of the Guest account and remake it. Get an anti-rootkit tool and try and get rid of it. Or try putting the file the virus makes into a zip file and then rename it to txt again.
This is why I like Linux.
If you make a virus for Windows everyone will congratulate you.
If you make a Virus for Linux you will be disemboweled by very angry Linux users, also you will take much longer and affect many less people because there are like 2000 different versions of Linux.
Phopojijo
February 4th, 2008, 09:24 PM
Run Windows in safe mode. Get rid of the Guest account and remake it. Get an anti-rootkit tool and try and get rid of it. Or try putting the file the virus makes into a zip file and then rename it to txt again.
This is why I like Linux.
If you make a virus for Windows everyone will congratulate you.
If you make a Virus for Linux you will be disemboweled by very angry Linux users, also you will take much longer and affect many less people because there are like 2000 different versions of Linux.
Meh, not really...
If you limit Linux viruses to free-roaming Linux viruses -- sure... but if there's a virus in Linux -- chances are it's been planted there for a reason.
And people don't congratulate you for Windows viruses except the adware/spyware/junk email companies who paid you to make it.
DrunkenSamus
February 4th, 2008, 11:44 PM
I always use Firefox to browse the web and I usually clear private data so I'm good.
Phopojijo
February 5th, 2008, 12:06 AM
I always use Firefox to browse the web and I usually clear private data so I'm good.
... no... no you're not... no you're definitely not.
XP without Service Pack or even 2000 with SP4 can get a virus within 10-15 minutes from the internet -- at random -- by getting their IP randomly pinged by an infected computer.
Yep -- that's it. That's all it takes.
Bodzilla
February 5th, 2008, 01:21 AM
^<-- Once a virus gets in the computer -- that **will not do crap all** if the virus is smart enough to make sure it doesn't do crap all.
No, I'm just wondering what software he was using that allowed it in, in the first place.
Personally I use McAfee and avoid Norton like the plague.
Cortexian
February 5th, 2008, 10:48 AM
Phopojijo, if you've got a good hardware firewall (router, or an ACTUAL dedicated firewall) then the chances of having it infected are almost null. Having outbound blocked helps a lot if you've got a trojan or something. If it's a plain Virus though, and it's past your Anti-Virus, then yes, reformatting is the best option.
Limited
February 5th, 2008, 05:46 PM
Wow, can't believe you told him to reformat so early on phojo. Getting a virus doesn't automatically mean you need to reformat, quite a large number of viruses can be deleted, it just requires you to do the correct steps, yes however some viruses are just so hard to delete, lazy people just reformat and admit defeat.
I suggest you go to this website, and post a HijackThis log file. They are extremely good at knowing what type of virus, and if it's possible to remove, the procedure to do so. It also has good general security information.
http://www.cybertechhelp.com/forums/index.php
Phopojijo
February 5th, 2008, 08:27 PM
Phopojijo, if you've got a good hardware firewall (router, or an ACTUAL dedicated firewall) then the chances of having it infected are almost null. Having outbound blocked helps a lot if you've got a trojan or something. If it's a plain Virus though, and it's past your Anti-Virus, then yes, reformatting is the best option.
Yea a correctly configured hardware firewall is good. (A router by definition is an inbound hardware firewall since it will not route data that's unsolicited. It literally cannot! It will not know what computer to send it to so it just bounces it).
But inbound random attacks are just one of the ways to get infected.
Still though -- like I say: Antiviruses are your 4th line of defense.
1) Keep Windows updated!
2) Keep a hardware firewall installed!
3) DON'T DO ANYTHING STUPID (open unrequested attachments, etc)
4) Antivirus (<--- For the other fraction of a percent of instances where the first 3 lines of defense fail)
Wow, can't believe you told him to reformat so early on phojo. Getting a virus doesn't automatically mean you need to reformat, quite a large number of viruses can be deleted, it just requires you to do the correct steps, yes however some viruses are just so hard to delete, lazy people just reformat and admit defeat.
I suggest you go to this website, and post a HijackThis log file. They are extremely good at knowing what type of virus, and if it's possible to remove, the procedure to do so. It also has good general security information.
http://www.cybertechhelp.com/forums/index.php
Oh they *can* be deleted (And I still try when I get viruses) -- but you *cannot make sure* they are deleted, fully deleted, and with no backdoors installed not directly associated with the virus.
Sure -- they USUALLY don't do that... but if you do banking or similar activities on your computer... USUALLY isn't quite good enough for a 5000$ Credit Limit.
Viruses got a whole hell of a lot more sophisticated since ~2004-2005. They'll use every trick in the book to make sure your computer does as much for them as possible.
If that involves not reinstalling certain modules because they've been deleted a couple of times (and therefore obviously known to the user) -- they will. Give you a false sense of confidence.
Viruses are no longer jokes or hacker tools... they are big and serious business {cue the photoshops} and they WILL make sure they can make money off of as many people as they possibly can.
It's just not as easy as it used to be. It's not about being lazy -- it's about being literally impossible to keep on top of and know that you're on top of it.
4RT1LL3RY
February 5th, 2008, 08:55 PM
There is one way to prevent getting a virus ever. Create your own operating system and don't let anyone know about it.
Phopojijo
February 5th, 2008, 08:58 PM
There is one way to prevent getting a virus ever. Create your own operating system and don't let anyone know about it.
It's also a way to make sure NO program gets installed...
Emmzee
February 5th, 2008, 09:00 PM
I've never let a virus get through. I disable JavaScript in my browser, which prevents those websites that use it to install spyware and trojans and shit on your computer, and I scan everything I download with AVG, McAfee, SpySweeper, and Ad-Aware.
Limited
February 5th, 2008, 09:34 PM
I've never let a virus get through. I disable JavaScript in my browser, which prevents those websites that use it to install spyware and trojans and shit on your computer, and I scan everything I download with AVG, McAfee, SpySweeper, and AdAware.
You mean Ad-Aware, don't mean to be picky at your post, but there is a fake antispyware called AdAware, which is a virus/spyware.
Phopojijo
February 5th, 2008, 09:44 PM
I've never let a virus get through. I disable JavaScript in my browser, which prevents those websites that use it to install spyware and trojans and shit on your computer, and I scan everything I download with AVG, McAfee, SpySweeper, and AdAware.
That's the point. You don't know that.
There's enough unpatched, known security holes in Windows that you can be randomly attacked.
That being said -- being smart, having Windows patched, and having a hardware-based firewall keeps you pretty well locked down...
... but saying it's never happened, definitively, is wrong. You cannot know that.
il Duce Primo
February 5th, 2008, 10:53 PM
You can only be 100% safe if you do not go on the internet. It's like if you don't want to get sick stay in a bubble in your house. But who's going to do that? You can't prevent them. You can minimize your chance and that's what antispyware does.
itszutak
February 5th, 2008, 10:59 PM
Well, my father fixed it.
However, he is a programmer and has worked with windows (and Microsoft) for decades; it took him a day to get rid of it.
He mentioned some program that helped him a lot; if I remember the name, I'll point this thread to it.
Abstract.Error
February 5th, 2008, 11:01 PM
I've never got a virus in a long time ever since I got Comodo, but you can sometimes Google the virus, that's if you're risking to get another.
Jay2645
February 5th, 2008, 11:30 PM
I use AVG Free. It isn't the best (Hell, it was FREE), but as long as you know how to keep your nose clean (Don't open random email with titles like "MAKE YOUR PENIS LARGER IN 6 WEEKS!" or "TAKE A THRILLING FREE VACATION TO PEN ISLAND!", no Pr0n [I barely trust 4Chan's /b/ for any... Never mind], etc.), it'll take care of any random viruses.
Bad Waffle
February 6th, 2008, 12:12 AM
I have never gotten a virus from day to day activity. I have only gotten one when i was literally trying to get one.
1. turn off autoaccept file transfers in all your messaging applications
2. only open emails from family or things you subscribed to (or contacts)
3. use firefox
4. use Avast! (free, as good as norton/mcoffee)
5. don't look around illegal stuff on the internets
6. use a router (hardware based firewall)
7. DON'T DOWNLOAD ANYTHING, NOT EVEN PICTURES, FROM ODD SITES. If you need a pic, just prntscrn + mspaint.
8. Update your system as often as you can.
Those are the rules i live by, and so far it's worked like a charm.
Phopojijo
February 6th, 2008, 12:23 AM
I have never gotten a virus from day to day activity. I have only gotten one when i was literally trying to get one.
1. turn off autoaccept file transfers in all your messaging applications
2. only open emails from family or things you subscribed to (or contacts)
3. use firefox
4. use Avast! (free, as good as norton/mcoffee)
5. don't look around illegal stuff on the internets
6. use a router (hardware based firewall)
7. DON'T DOWNLOAD ANYTHING, NOT EVEN PICTURES, FROM ODD SITES. If you need a pic, just prntscrn + mspaint.
8. Update your system as often as you can.
Those are the rules i live by, and so far it's worked like a charm.
You cannot be sure that you've never gotten a virus.
I mean the chances are pretty slim... using those rules you'd pretty much need to be targeted explicitly. It's the best way to be.
The point I'm trying to make is...
You don't always know if you have a virus... some viruses are made with the explicit intent of keeping you in the dark... and they can get VERY good at it.
But unless people had access to your computer -- not really any viable way in.
Mr Buckshot
February 6th, 2008, 12:50 AM
I have never been infected since I built my current desktop PC.
Spybot and Ad-aware may be free, but at the very least, they can detect the virus and in most cases, identify it by name. Even if they can't kill the virus, they can provide valuable info. After that, just go on another computer and Google "how to remove (name of virus)"
As for pay-for software, I have Webroot Spysweeper and Norton Antivirus.
Bodzilla
February 6th, 2008, 12:55 AM
I'm with phobo on this one.
I had a computer a few years ago that got some viruses and we didn't even realize.
Then a few months later I went to a link up and we found something like 70 viruses and Trojans on the comp.
They're sneaky little bastards.
E: Bucky I'd replace Norton with McAfee if I was you.
My bro does loads of work in repairing computers, networks etc. etc. (he's doing Electrical Engineering and Network engineering at Uni) and he always tells me about the abundance of problems that computers with Norton get.
First thing he does is Reformat.
Install McAfee.
in his words "it's about as secure as a wet paper bag"
klange
February 6th, 2008, 07:05 AM
It's just not as easy as it used to be. It's not about being lazy -- it's about being literally impossible to keep on top of and know that you're on top of it.
I haven't so much as thought about viruses, malware, or anything of that sort for... what... a year? Getting **** close to a year now... And with all web browsing, downloading, and even serving that I do... And I don't even use any special firewall except my s***y router one. Absolutely nothing.
And guess what...
My AV tool, packed with the newest definitions, reports zilch.
*Waits for some uneducated soul to discourage my behavior*
StankBacon
February 6th, 2008, 12:51 PM
damn phopo, you are one paranoid mother fucker.
jeez.
CrAsHOvErRide
February 6th, 2008, 12:57 PM
I can give you 10 variations of the same virus. Your AV software is only going to detect the original one even though the other ones work EXACTLY the same. Why? Because AV software searches for signatures inside the PE files... if those files are protected/packed the signatures are not recognizable. The packers make the PE files smaller but they work exactly the same as the original one.
Many companies (even the big names) add malware for $$ to their software, pack the executables with the excuse of "avoiding hackers" (hackers unpack the software 100 times faster than it took the company to make the packer in the first place :fail: ). Instead, the software installs unwanted software which your AV can't detect because of the changed signatures.
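The effect this post describes, as an added example that is not part of the original thread: a verbatim byte signature stops matching once the file body is compressed, while an entropy check still shows the content is packed and scanning the unpacked bytes finds the signature again. The marker string, the generated body, zlib as a stand-in for a packer and the 7.0 threshold are all assumptions made for the illustration.

```python
import math
import random
import zlib
from collections import Counter

# Constructed stand-ins, not real malware data: a marker an AV vendor would have
# extracted as a signature, inside a low-entropy 8 KiB "program body".
SIGNATURE = b"CONSTRUCTED-SAMPLE-MARKER"
_rng = random.Random(2008)
BODY = bytes(_rng.choice(b"0123456789abcdef") for _ in range(8192)) + SIGNATURE


def signature_hit(data, signature=SIGNATURE):
    """Static signature scan: is the byte pattern present verbatim?"""
    return signature in data


def shannon_entropy(data):
    """Bits per byte, 0.0 to 8.0; compressed or encrypted data sits near 8."""
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def pack(data):
    """Stand-in for a packer: only compresses. A real packer also adds a stub
    that restores the original bytes in memory at run time."""
    return zlib.compress(data, 9)


def scan(data, entropy_threshold=7.0):
    """Signature check first, then an entropy heuristic for packed content."""
    if signature_hit(data):
        return "signature match"
    if shannon_entropy(data) >= entropy_threshold:
        return "no signature, high entropy: unpack before scanning"
    return "nothing found"


def scan_after_unpack(packed):
    """What unpacking or emulating scanners do: restore the body, then scan it."""
    return scan(zlib.decompress(packed))


if __name__ == "__main__":
    packed = pack(BODY)
    print("original:", scan(BODY), round(shannon_entropy(BODY), 2))
    print("packed:  ", scan(packed), round(shannon_entropy(packed), 2))
    print("unpacked:", scan_after_unpack(packed))
```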
Phopojijo
February 8th, 2008, 11:17 PM
damn phopo, you are one paranoid mother fucker.
jeez.
Nah frankly I don't care too much about myself.
I'm just trying to point out:
"I never had any viruses" -- is a lie... you cannot know if you have a virus if it was REALLY designed to be hidden.
There is a tradeoff between acceptable risk and acceptable performance/convenience however; it's all about removing risks until you are confident that you're secure enough that further security is not necessary. I typically draw the line at updating, having a router, and not doing anything stupid. If you want to go beyond that and have an antivirus package? Go ahead -- I find it a waste of performance though.
And when you get infected -- I find it's easiest to just format everything (I set up my harddrives so all my documents, settings, and data are on a do-not-wipe harddrive... so I just format the windows + programs partition and reinstall. No data lost, no time spent backing up.) If you want to just remove the virus and see what happens? You can do that... but since BIG COMPANIES moved in on the business of viruses -- yes it IS a business now -- it's getting less and less viable of an option.
kenney001
February 8th, 2008, 11:47 PM
2 hard drives. One gets a virus, spend a couple hours formatting/reinstalling/copying files, and it's all good. But that's if it wants to get past my router, AVG, McAfee, Windows firewalls, and Spybot residents to do anything. I frequently check running processes (not through default task manager) and services to notice any abnormalities.....
only had one browser hijack once, and i destroyed it.....with the power of google, spybot, safemode, a second HDD with linux, killbox, and a couple other useful tools...
Phopojijo
February 9th, 2008, 07:41 PM
Sigh -- that's the problem... what else did the virus do that you *don't* know about?