locked
Backdoor:Win32/Hupigon.gen RRS feed

  • Question

  • So our Blackberry Exchange server got hit with this is morning. Forefront was up to date and cleaned it successfully, but it would get reinfected everytime the system was rebooted. Our Exchange Admin decided to splash the system and regen.

    Can anyone give me some idea why this old virus was able to thwart Forefront?
    Monday, August 4, 2008 7:11 PM

All replies

  • Hi,

    That's because forefront didn't manage to clean all of the malware files and loading points. Everytime the system rebooted, the registry point would get reloaded and the infection re-activated. Very frequent scenario actually.
    Sunday, October 5, 2008 1:30 PM
  • I would definitely recommend opening a case with CSS when this happens.  Cases regarding malware are free incidents and CSS Security can work with you to find the files that are reinfecting the system and ensure they are submitted as well to the FCS antimalware engine folks so that they are detected and removed properly.
    CSS Security Support Engineer (FCS/MBSA/WUA/Incident Response)
    Tuesday, October 7, 2008 8:21 PM
    Moderator
  • Also check the firewall and make sure it is on, see log file and see if anything suspect there. If you know the location submit them to:

    https://www.microsoft.com/security/portal/Submission/Submit.aspx

    After submission save or copy refrence ID of malware submission and contact support for help.

    Saturday, July 17, 2010 9:44 AM