Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Backdoor.Win32.Small.gmi & Hupigon


  • Please log in to reply
3 replies to this topic

#1 Johannes1961

Johannes1961

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:25 AM

Posted 26 January 2009 - 04:52 PM

Hi, PC is running XPHome, AVG 8 Av & Firewall. I run Lavasoft's Ad-Aware manually on the weekend to supplement the (almost) daily running of AVG.

On the weekend - & much to my surprise Ad-Aware notified me of a hupigon infection of Superantispyware.exe! Now I recall SAS requesting that I authorise an update last week. It does this from time to time and I thought nothing of this and so clicked 'yes'; I believe it was a new version including language updates. If SAS.exe really was infected at source, then does this mean that the download site has been hacked & infected. Or is it a false positive?

Anyhow, I did some quick research on the web and decided that as no other symptoms were present I should let Ad-Aware 'clean' SAS.exe and then I uninstalled SAS via the control panel. As I use it very rarely.

I then ran Kasperski Online Scanner this evening. It found Backdoor.Win32.Small.gmi in a trial download of Guitar Pro V5 demo software. This is not detected by MBAM or AVG. Could this be another false positive?

Your guidance much appreciated.

Regards, David

BC AdBot (Login to Remove)

 


#2 Guest_The weatherman_*

Guest_The weatherman_*

  • Guests
  • OFFLINE
  •  

Posted 26 January 2009 - 05:36 PM

Hello there David.

Please try a couple of these free online scanners to see if anything has slipped by your protection:
(Be advised that some of these scanners will pickup things in "quarantine" from other anti-virus programs - so review the results carefully)

http://www.pandasecurity.com/homeusers/solutions/activescan/
http://us.mcafee.com/root/mfs/default.asp
http://housecall.trendmicro.com
http://www.bitdefender.com/scan8/ie.html
http://support.f-secure.com/enu/home/ols.shtml
http://onlinescan.avast.com/
http://ca.com/us/securityadvisor/virusinfo/scan.aspx
http://www.eset.com/onlinescan/

http://www.kaspersky.com/virusscanner Scan Only - no removal


If you find that you're infected (or the scan doesn't complete or closes unexpectedly), post in the Am I Infected forum located here: http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

regards,
The weatherman

#3 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio

Posted 26 January 2009 - 05:53 PM

If you run the suggested scans and come up with something, I would post in the Am I Infected forum?.
I'm more leery of AdAware than SAS
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#4 Johannes1961

Johannes1961
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:25 AM

Posted 26 January 2009 - 06:02 PM

Thanks guys. Sounds like time to put the kettle on and get the biscuits out! Will let you know what I find. Regards, David




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users