TechSpot

Trojan Horse Downloader.Generic2.GHN

By Shad
Aug 7, 2006
  1. Google Brings up nothing about this.

    It effects 3 files which i keep deleting from c:\recycler which moves them to the System Volume folder.... fine, reboot in safe mode and remove them. GONE.

    Then as soon as anyone uses Internet Explorer they apear again, obviously the virus is still sitting somewhere ready to launch when IE is used, but anyone know where.

    I scan with AVG which brings up these

    C:\System Volume Information....... Virus Found Win32/PEPatch Infected, Embeded Object
    C:\System Volume Information....... Trojan Horse Downloader.Generic2.GHN Infected, Embeded Object
    C:\System Volume Information....... Virus Found Win32/PEPatch Infected, Archive

    Also handy to mention that Symantic does not pick this up when scanning. Like i say, i delete these files but then they re-apear when IE is launched

    Can Anyone Help ??
     
  2. Peddant

    Peddant TS Rookie Posts: 1,446

    Go HERE follow the instructions,and post an HJT log in the Security forum.

    Use Firefox or Opera as your main browser,in future.
     
  3. Shad

    Shad TS Rookie Topic Starter

    HJT log ???? i cant use firefox or Opera as this is the company computer
     
  4. Peddant

    Peddant TS Rookie Posts: 1,446

    HJT stands for Hijackthis.It`s a program that shows you all the processes
    running on the computer.All the info you need is in that link.

    Tell your IT people,that if they force people to use the least
    safe browser,then they`re not very good IT people.:rolleyes:
     
  5. Shad

    Shad TS Rookie Topic Starter

    there are only about 5 people who actually use it, so theres not much need for confusing people
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...