i need some help over here. My avast home edition just detected a trojan Hupigon-EA in one of my temp internet folder and a 0.exe in my windows/system32 folder. I deleted both files, but the trojan keeps coming back at every reboot. Any solutions to clear away the trojan once and for all? Thanks.
If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode, Ewido anti-spyware
Permission is required to place files in the system folders and create registry keys, etc.
Whilst browsing or collecting email, etc. if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can reap havoc. With limited rights the malware can’t put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.
Check out the link to DropMyRights (in my signature below) - Browsing the Web and Reading E-mail Safely as an Administrator. This obviously applies to those NT based OSes that have administrator settings, winNT, win2k, winXP.
Thanks for the info, but from what i read, apparently there are a lot of strains of Hupigon out there, and my strain is not listed in the above-mentioned website.
i tried using Trojanhunter to scan my pc, and it sniffed out 2 files found to contain the Hupigon. One is the exe file inside the temp internet files folder, the other one is netcfgw.dll inside windows/system32. The interesting thing is, it missed out the 0.exe inside the windows/system32, which was previously detected by avast.
So i googled on this netcfgw.dll and i found that it also comes with a netcfgn.exe inside the same directory. I deleted both netcfgw.dll and netcfgn.exe in safe mode, but somehow or other, they manage to ressurrect themselves again >:(