Ok this is the second run in with this particular nasty little trojan ive had.

Ok first the name of it is dl.exe im guessing. Avast detects it as Win32 : Tenga-B

Anyways for some reason i just got it. I havent downloaded anything at all in the past few weeks. Havent done anything. All i was doing was trying to fix my WoW server and next thing i know this ***** is attacking all my install files. Like Firefox install, AIM install, CCC Codec pack, Divx, certian game patch installs i havent .rard yet, GPU-Z, ect ect. YOu get the point. The last time i got this i had to delete over 560gig and redo EVERYTHING. Now, i want to know what usualy would bring this thing in. Anybody know? Any advice cause ill double check with what i have sitting on my server and make sure i never use w/e it is again.:icon_tiphat:

I cant stand virus' and i guess even the most cleanest of browsers and downloaders can get hit. Grr. (Btw Avast was actively running on my server when it got hit and didnt see anything until a reboot)

It could of been in one of your system restore files and launched it self.

When fixing a customers machine with a virus we usually delete the system restore files in the process of cleaning the machine.

I have system restore completely taken off of my copy of XP.

Avast can't heal them?

I think someone's just trying to take down your wow server.

You can try Kaspersky Internet Security 7.

I delete the customers restore files, but since restore is gone from your copy it's not an issue.

If it's not a direct attack on your WoW server it might be a downloader trojan. Usually when I find it on customers rigs I find a downloader. If your up and up (and I'm not saying your not) legal with your Windows you can try Windows Defender free, so far no reinfections on the customers I've used it on when used in conjunction with AVG.

I find manually scanning downloaded files before running them detects bugs that get past the scanner in Zips and Rar files.

Well im running XP so no Defender for it. XP 32 BTW. And yea its the dl.exe that wipes your installer files and runs a cmd. Ive noticed once the internet was unplugged it was compeltely halted.

And nah not WoW server. Cause ive gotten this before like 3 years ago.

Well im running XP so no Defender for it.

I use Windows Defender and I'm running XP Pro SP2. You can download it from Microsoft, but has to be validated.

Ohh really? Well i never really liked Defender on my copy of Vista so i took it outa that too. Im running Avast Pro 24/7 on my server now so i should be cool. So far its detected every single file i suspected of being infected with that damn virus. (Windows 32 Tenga-B)