I have a hard disk backup file (415gb) that is being identified with the above virus (possibly trojan), however I am not sure if this is the case at all.
The scan log mentions the identification, and then states ‘error with parameter (87)’ or after attempting the action of moving it to the chest and becoming non-responsive, it comes back with ‘the process cannot access the file as it is being used by another process (32)’ (? used by another process?)???
I cannot find these codes on the site (would help of there was a list somewhere), and these may indeed be FP (false positives), as is discussed elsewhere in the forum.
This assumption is supported by the fact that none of either windows malicious software removal tool, malwarebytes and super-antispyware detect it.
Is there a tool available to confirm this before the signalled enhancement is made to the AV program?
I have a hard disk backup file (415gb) that is being identified with the above virus (possibly trojan), however I am not sure if this is the case at all.
If you can upload the exact file detected (max 20mb) to www.virustotal.com and test it with 43 scanners
The error codes are in fact not generated by avast (Microsoft error messages, I think)
The detection and identification ‘win32.hupigon-onx’ is a call made by avast.
And as you say, can be considered with reference to other hupigon threads in this forum.
But more information please as to the system(s) you are using.
Take care lethal. Gen-Kryptik is not to be treated lightly, has proved capable of re-engineering itself when apparently removed, and is clever at concealing itself from AV and other security products.
I’m back on later tonight, but I would suggest you take steps to secure all yr important documents. Perhaps unhook yr external hard disks and look to secure yr system drive if it is not already secure. And use More Options tab in Disk Cleanup in Microsoft System Tools to remove all but the most recent Restore point and may help prevent further issues in ‘system volume information’
Take care because if there is any infection in yr backup file, it would have been sent there from the system drive, which may have since been cleansed. Also, it would not be out of place for avast to call hupigon given detection of a threat under these circumstances.
Alternatively, could be FPs as has happened before with hupigon detection. However, in this case, I think best to take care.
I have often wondered why there are system restore files on my second partitioned hdd (F), and not just the main HDD ‘c’.
I have cleaned up both now and removed all but latest restore points on both (another learning curve).
I have also run dr web cureit as suggested by ‘Pondus’, twice today, and potential trojans continue to be identified. This would I guess support your comment of ‘Gen-Kryptik’ morphing itself??
When you say ‘look to secure yr system drive if it is not already secure’…what and how?
Also what do you mean by ‘Also, it would not be out of place for avast to call hupigon given detection of a threat under these circumstances’? Do you mean this could be a FP or a morphed version of Gen-Kryptik?
more information please - what is yr operating system?Win Xp Home SP 3
If you use a backup program (other than Windows), what is it?
what is yr backup procedure?
System drive holds yr operating system (system files) and is normally Local Disk (C:). Holds Control Panel.
Important to keep this drive free of infection, so can use it to manage disinfection of any other drive. Use security products to make and keep this drive infection-free. Unhook any other hard disks (but not CD or DVD players), test system drive, then other drives, then other disks as you add them, until the complete system is infection-free. Use backup technologies to insure against any losses due to future threats.
when the issue involves infection and a backup process, it has been common for avast to identify hupigon
(example from Mcafee of an actual backup infection - win32 hupigon.worm http://vil.nai.com/vil/content/v_142042.htm)