[solved] Move To Quarantine Failed: Backdoor.hupigon Backdoor.bot. And More

From the scan that just finished.


C:\I386\LANG\IMEPADSV.EX_=]imepadsv.exe Backdoor.Bot.33630 Move to Quarantine Failed


C:\I386\LANG\IMJPDCT.EX_=]imjpdct.exe Backdoor.Bot.33649 Move to Quarantine Failed


C:\I386\MSOOBE.EX_=]msoobe.exe Backdoor.Generic.27044 Move to Quarantine Failed


C:\I386\WEXTRACT.EX_=]wextract.exe Backdoor.Hupigon.20185 Move to Quarantine Failed


E:\SecCopyGrandfather\Thinkpad60GF\MyDocuments\downloads_used\TimesReaderFullSetup.exe.zip=]Documents and Settings/ronhome/My Documents/downloads_used/TimesReaderFullSetup.exe Backdoor.Hupigon.20185 Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\spoolsv.exe [1952] (memory dump) Backdoor.Hupigon.79589 Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\spoolsv.exe [1952] (disk) Backdoor.Hupigon.79589 Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\spoolsv.exe [1952] (full dump) Backdoor.Hupigon.79589 Move to Quarantine Failed


C:\WINDOWS\system32\spoolsv.exe Backdoor.Hupigon.79589 Move to Quarantine Failed


C:\WINDOWS\system32\spoolsv.exe Backdoor.Hupigon.79589 Move to Quarantine Failed


C:\WINDOWS\system32\spoolsv.exe Backdoor.Hupigon.79589 Move to Quarantine Failed


C:\Documents and Settings\ronhome\My Documents\Computer_improve_help\dotnetfx_cleanup_tool.zip=]cleanup_tool.exe Backdoor.Hupigon.9012 Move to Quarantine Failed


C:\Program Files\Common Files\BitDefender\Setup Information\{0B246DA8-309B-4BFD-B2DE-6CB584CCC3EF}\bdis.msi=](Embedded EXE) Backdoor.Hupigon.9012 Move to Quarantine Failed


C:\WINDOWS\Installer\4d361.msi=](Embedded EXE) Backdoor.Hupigon.9012 Move to Quarantine Failed


E:\SecondCopy\Thinkpad60\MyDocuments\Computer_improve_help\dotnetfx_cleanup_tool.zip=]cleanup_tool.exe Backdoor.Hupigon.9012 Move to Quarantine Failed


C:\I386\CHARMAP.EX_=]charmap.exe Trojan.Agent.AJBQ Move to Quarantine Failed


C:\I386\BOOTOK.EX_=]bootok.exe Trojan.Generic.102337 Move to Quarantine Failed


C:\I386\CHKDSK.EX_=]chkdsk.exe Trojan.Generic.102746 Move to Quarantine Failed


C:\I386\WRITE.EX_=]write.exe Trojan.Generic.102924 Move to Quarantine Failed


[system]=]HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\SYSTEM\=]C:\WINDOWS\SYSTEM32\RSVP.EXE Trojan.Generic.103201 Infected


C:\I386\RSVP.EX_=]rsvp.exe Trojan.Generic.103201 Move to Quarantine Failed


[system]=]HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{833E4000-AFF7-4AC3-AAC2-9F24C1457BCE}\1.0\=]C:\WINDOWS\SYSTEM32\HELP.EXE Trojan.Generic.103527 Infected


C:\I386\HELP.EX_=]help.exe Trojan.Generic.103527 Move to Quarantine Failed


C:\I386\CACLS.EX_=]cacls.exe Trojan.Generic.104136 Move to Quarantine Failed


C:\I386\CHKNTFS.EX_=]chkntfs.exe Trojan.Generic.104984 Move to Quarantine Failed


C:\I386\FP40EXT.CAB=]admin.exe Trojan.Generic.108647 Move to Quarantine Failed


C:\I386\FP40EXT.CAB=]author.exe Trojan.Generic.108647 Move to Quarantine Failed


C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\fp40ext.cab=]admin.exe Trojan.Generic.108647 Move to Quarantine Failed


C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\fp40ext.cab=]author.exe Trojan.Generic.108647 Move to Quarantine Failed


C:\I386\NOTEPAD.EX_=]notepad.exe Trojan.Generic.109461 Move to Quarantine Failed


C:\I386\VERIFIER.EX_=]verifier.exe Trojan.Generic.144642 Move to Quarantine Failed


C:\I386\UNSECAPP.EX_=]unsecapp.exe Trojan.Generic.144654 Move to Quarantine Failed


C:\I386\DRVQRY.EX_=]drvqry.exe Trojan.Generic.160101 Move to Quarantine Failed


C:\I386\FONTVIEW.EX_=]fontview.exe Trojan.Generic.161575 Move to Quarantine Failed


C:\I386\SRDIAG.EX_=]srdiag.exe Trojan.Generic.161593 Move to Quarantine Failed


C:\I386\EVTRIG.EX_=]evtrig.exe Trojan.Generic.161680 Move to Quarantine Failed


C:\I386\COMP.EX_=]comp.exe Trojan.Generic.164455 Move to Quarantine Failed


C:\I386\SHUTDOWN.EX_=]shutdown.exe Trojan.Generic.171905 Move to Quarantine Failed


C:\I386\FC.EX_=]fc.exe Trojan.Generic.185193 Move to Quarantine Failed


C:\I386\MSNSUSII.EX_=]msnsusii.exe Trojan.Generic.213888 Move to Quarantine Failed


C:\I386\TYPEPERF.EX_=]typeperf.exe Trojan.Generic.25488 Move to Quarantine Failed


C:\I386\ICWTUTOR.EX_=]icwtutor.exe Trojan.Generic.27229 Move to Quarantine Failed


C:\I386\WUPDMGR.EX_=]wupdmgr.exe Trojan.Generic.27268 Move to Quarantine Failed


C:\I386\SC.EX_=]sc.exe Trojan.Generic.27277 Move to Quarantine Failed


C:\I386\TASKKILL.EX_=]taskkill.exe Trojan.Generic.27365 Move to Quarantine Failed


[system]=]HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\AUTOPLAYHANDLERS\HANDLERS\MSVIDEOCAMERAARRIVAL\InitCmdLine=]C:\PROGRAM FILES\MOVIE MAKER\MOVIEMK.EXE Trojan.Generic.279006 Infected


C:\I386\MOVIEMK.EX_=]moviemk.exe Trojan.Generic.279006 Move to Quarantine Failed


C:\I386\BOOTVRFY.EX_=]bootvrfy.exe Trojan.Generic.61096 Move to Quarantine Failed


C:\I386\VSSADMIN.EX_=]vssadmin.exe Trojan.Generic.61113 Move to Quarantine Failed


C:\I386\PING6.EX_=]ping6.exe Trojan.Generic.61134 Move to Quarantine Failed


C:\I386\TRACERT6.EX_=]tracert6.exe Trojan.Generic.61150 Move to Quarantine Failed


C:\I386\MPNOTIFY.EX_=]mpnotify.exe Trojan.Generic.61175 Move to Quarantine Failed


[system]=]HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ADVANCEDOPTIONS\ACCESSIBILITY\TEXTSIZE\Text=]C:\WINDOWS\SYSTEM32\RESET.EXE Trojan.Generic.73980 Infected


C:\I386\RESET.EX_=]reset.exe Trojan.Generic.73980 Move to Quarantine Failed


[system]=]HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\Sources=]C:\WINDOWS\SYSTEM32\AUTOCHK.EXE Trojan.Generic.75280 Infected


C:\I386\ATTRIB.EX_=]attrib.exe Trojan.Generic.86101 Move to Quarantine Failed


C:\I386\DWWIN.EX_=]dwwin.exe Trojan.Generic.91963 Move to Quarantine Failed


[system]=]HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\DRWATSON\EventMessageFile=]C:\WINDOWS\SYSTEM32\DRWTSN32.EXE Trojan.Generic.93270 Infected


C:\I386\DRWTSN32.EX_=]drwtsn32.exe Trojan.Generic.93270 Move to Quarantine Failed


C:\I386\SYSKEY.EX_=]syskey.exe Trojan.Starter.DM Move to Quarantine Failed


C:\I386\STIMON.EX_=]stimon.exe Trojan.Starter.DN Move to Quarantine Failed


[system]=]HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{680C64B0-8DA2-4399-BF4B-E94C1E52983E}\1.0\=]C:\WINDOWS\SYSTEM32\MMC.EXE Trojan.Starter.EA Infected


C:\I386\MMC.EX_=]mmc.exe Trojan.Starter.EA Move to Quarantine Failed


C:\I386\MSPAINT.EX_=]mspaint.exe Trojan.Starter.IV Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [360] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [360] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [360] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]c:\windows\system32\WS2_32.dll [644] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]c:\windows\system32\WS2_32.dll [644] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]c:\windows\system32\WS2_32.dll [644] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\System32\WS2_32.dll [1872] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\System32\WS2_32.dll [1872] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\System32\WS2_32.dll [1872] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [2632] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [2632] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [2632] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [3172] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [3172] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [3172] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [3744] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [3744] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [3744] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [1716] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [1716] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [1716] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [6012] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [6012] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [6012] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [2328] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [2328] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [2328] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [7444] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [7444] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [7444] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [7268] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [7268] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [7268] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [9352] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [9352] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [9352] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\ws2_32.dll [12124] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\ws2_32.dll [12124] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\ws2_32.dll [12124] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [10412] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [10412] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [10412] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [7912] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [7912] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [7912] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [6308] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [6308] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\WS2_32.dll [6308] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\ws2_32.dll [12260] (memory dump) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\ws2_32.dll [12260] (disk) Trojan.WSPatch.B Move to Quarantine Failed


[system]=]C:\WINDOWS\system32\ws2_32.dll [12260] (full dump) Trojan.WSPatch.B Move to Quarantine Failed


C:\I386\WS2_32.DL_=]ws2_32.dll Trojan.WSPatch.B Move to Quarantine Failed


E:\SecCopyGrandfather\Thinkpad60GF\MyDocuments\Picasa\win98\hhupd.exe.zip=]Documents and Settings/ronhome/My Documents/Picasa/win98/hhupd.exe Win32.Generic.3573 Move to Quarantine Failed


C:\I386\WORDPAD.EX_=]wordpad.exe Win32.Worm.Wace.J Move to Quarantine Failed

Comments

  • I have tried to install this twice, and each time I get the message:


    The following updates were not installed:


    bitdefender Security Update for Windows XP (KB908531)


    During the update I get a message from BitDefender about blocking a virus - Trojan.Generic.179662 in


    C:\WINDOWS\SoftwareDistribution\Download\a4ee..............\sp2qfe\verclsid.exe

  • Hello Ron,


    The Trojan.Generic.179662 signature was a False Positive and was removed from the product a very long time ago. Please update BitDefender to its current database and engine version and let us know if the problem persists.


    Cris.

  • Thanks.


    Yes, and the "Windows XP (KB908531)" is an old Windows fix that I had installed a long time ago. Suddenly it vanishes and won't re-install and I get an ancient trojan?? And this morning, after doing another scan I now am able to re-install KB908531. Did my system suddenly go back a year in history? Or was there a weird update from BitDefender? All the other Trojans that I found in the previous scan (see my other post) also vanished.


    I keep my system and BitDefender updated all the time. I am using BitDefender InternetSecurity 2009 at Build 12.0.12 - no problems for the past 6 months - then suddenly the roof falls in????

  • As I was told, that signature was removed from the database over a year ago and was never introduced back. So maybe there was a glitch on your system, which made BitDefender use the original signatures (which existed when you first installed it)? I don't know, I can't explain it.


    As for the other detections, did you restore them from Quarantine? If you did, then you're saying that all those alerts don't appear anymore?


    I already sent them for analysis, but because of the large number of detections to be checked, I didn't yet get a reply.


    I've merged the 2 topics, since they might be caused by the same cause.


    Cris.

  • == CLOSED ==


    == Issue solved ==
