Link to home
Create AccountLog in
Anti-Virus Apps

Anti-Virus Apps

--

Questions

--

Followers

Top Experts

Avatar of wmbat02
wmbat02

Win32 / Hupigon Trojan
I have ESNET NOD32 Antivirus software and a few weeks ago it started quarantining files every time I used my thumb drive on my computer. It kept referring to an "asp.net" file, which I tried to delete, however it would not allow me to (no "delete" option selectable). I found that it would not let me open my thumb drive from "my computer" by clicking on it, in order to open it I would have to right-click it and go to "open portable media device". At that point everything seemed benign. However, two days ago I noticed that somehow someone or something had accessed my email account (both my gmail and hotmail accts) and sent a spam email to everyone on my contact list from me. I couldn't figure out how this happened then I did a full virus sweep and ESET identified:
"asp.net variant of Win32/Hupigon Trojan"
I looked this up and it told me that it can remember and report keystrokes to steal passwords, bank acct info, etc. Obviously it has already done this with my email...I am concerned it has done it to my bank acct info also.
I purchased Kaspersky antivirus software because that was recommended on the website that talked about the virus. However, it talked about erasing things from the register and using safe mode and I got really confused...
I do not know much about this stuff so I would appreciate if someone could lay out a procedure for getting rid of this and what software (if any( I should buy to combat it.

Zero AI Policy

We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.

Avatar of IndiGenusIndiGenus🇺🇸

Hi,
Sorry to hear of these serious troubles.

First, if you believe that someone has actually gotten access to your data you should pull this PC off the network, and change all of your online passwords from a clean PC. Also, sometimes it is best in these cases to do a clean install after backing up your data. But let's take a look first here.

It would help if we could see what was going on with your computer. I suggest that you download, run, and upload a HijackThis log from the link below.

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

Click on "Do a system scan and save a log file" button. Post the text from the log file. Do not have HJT fix anything at this point.

Please do not post the log into the comment window. Use "Attach File" under the comment window to post the log.
Avatar of wmbat02wmbat02

ASKER

Great thanks...the scan is attached.
hijackthis.log
Avatar of IndiGenusIndiGenus🇺🇸

Okay looks like it's running as a service:

Click Start-> Run...
Enter the following commands one at a time into the window and click OK each time.

sc stop asp.net
sc delete asp.net

Then delete the file:
C:\Program.exe

Reboot and post a new HJT log. Let me know how it's going too.


Reward 1Reward 2Reward 3Reward 4Reward 5Reward 6

EARN REWARDS FOR ASKING, ANSWERING, AND MORE.

Earn free swag for participating on the platform.

Avatar of wmbat02wmbat02

ASKER

I couldn't find "C:\Program.exe", but I did the rest you mentioned....here is the file as requested.
hijackthis.log
ASKER CERTIFIED SOLUTION
Avatar of IndiGenusIndiGenus🇺🇸

Link to home
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Create Account
Avatar of wmbat02wmbat02

ASKER

Hidden files are displayed, appears to be working great, thanks for the help and the advice with the av...much apppreciated.
Avatar of IndiGenusIndiGenus🇺🇸

Great! Glad it worked out and thank you for the grade and points.

Regards,
Dave
Free T-shirt

Get a FREE t-shirt when you ask your first question.

We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.

Anti-Virus Apps

Anti-Virus Apps

--

Questions

--

Followers

Top Experts

Anti-virus software was originally developed to detect and remove computer viruses. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious layered service providers (LSPs), dialers, fraud tools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity theft (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets and DDoS attacks.