trojan horse BackDoor.HupigonXTA (help)

Discussion in 'Malware Help (A Specialist Will Reply)' started by jwb38sbcglobal, Aug 5, 2007.

  1. jwb38sbcglobal

    jwb38sbcglobal Private First Class

    Hi, I did a Windows update, and while it was installing, my virus program (AVG Free Edition) found a trojan {trojan horse BackDoor.HupigonXTA}, path: C:\WINDOWS\system 32\dllcache\tcip.sys, and then it found another one {trojan horse BackDoor.HupigonXTA}, path: C:\WINDOWS\system 32\drivers\tcip.sys. I healed both of these and it sent them to the virus vault. I always delete anything from the virus vault, big mistake!! When I restarted the PC after the update and it finding that stuff and then removing it, I couldn't connect to the internet. I looked and looked for a fix; System Restore wouldn't work. I ended up getting it fixed by going to the network connections, right-clicking on the Ethernet connection, going to Properties, then highlighting the Internet Protocols (TCP/IP) and clicking Install, then tried to connect and it worked (I think this is what fixed it). Then when I got up this morning the virus program had found them again and they were in the vault, so I restored them from there and got back online. How can I fix this and get rid of them? And this was from Windows Update; I don't get that at all. I trust their updates and now this??

    Any help would be great. Thanks for your time, jwb38

    Wasn't sure if this should go in the networking or software section... sorry.
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Majorgeeks!

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • If after doing ALL of the above you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
  3. jwb38sbcglobal

    jwb38sbcglobal Private First Class

    I've been running CounterSpy in safe mode for about 10 hrs now and it's not even halfway done. Was wondering if this is normal, for it to take so long? I have a 160 GB HD, then a slave 160 GB HD and also a 160 GB external HD. It's still on the C drive, so it will take days for it to finish, I'm guessing. I'm sending this with my laptop, in case you were wondering if the PC I'm fixing is online now; it isn't. Thanks for your help... jwb38

    It has found 2 files so far (they are trojan.fakealert trojan), 2 objects.
     
  4. jwb38sbcglobal

    jwb38sbcglobal Private First Class

    Since asking about the time for CounterSpy to run, I've turned off the extra HD so it won't have to check that one. I hope by turning it off while it was running and in safe mode it won't hurt anything. I did not get any error messages when shutting it down, so I think it should be OK. Just wanted to inform you of this action I took. Thanks
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Do as much as you can and attach the logs .....Counterspy can take a while depending on the size of the drives and the number of files it has to scan. Hopefully you followed the instructions and deleted temp files and removed unwanted programs.
     
  6. jwb38sbcglobal

    jwb38sbcglobal Private First Class

    Well, I just spent hours with Bitdefender and at the end it closed IE, so I guess I'll go on and do the Panda run. It found some stuff in the System Restore, but I knew that it was in there and needed to get rid of it (trojan horse BackDoor.HupigonXTA), 3 files. And I didn't save the CounterSpy log because it didn't work right and I didn't see the save file; it did let me get rid of the stuff with CounterSpy. So I don't know, I hope that it will let me save the Panda scan, and then I'll do the two other runs, GetRunKey & ShowNew, and the HijackThis, and then post. Thanks, jwb38
    I'll check back soon before the Panda is done and see what you guys say. Well, it just shut IE down again, so I'll restart the PC and run the last steps and wait to hear back from someone; if I don't, then I'll send the logs from GetRunKey & ShowNew and the HijackThis. Thanks, jwb38
     
  7. jwb38sbcglobal

    jwb38sbcglobal Private First Class

    OK, well, here are the logs from the 3 that I could get: GetRunKey & ShowNew and the HijackThis. I'll be waiting to hear from someone. Thanks, jwb38
     

    Attached Files:

  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  9. jwb38sbcglobal

    jwb38sbcglobal Private First Class

    Here's the scan from Bitdefender, and the scans from VirusTotal. There were 2 files; one is the original file and the other is a copy, I'm guessing. Panda shut down on me so I don't have that scan. Thanks for your help
     

    Attached Files:

  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    They are both exactly the same according to your logs! And neither of them is infected. Also notice one of the scanners is a version of AVG and it found nothing wrong.


    You need to delete the below file and make sure that Kazaa is not downloaded or installed on this PC anymore:
    C:\Documents and Settings\Compaq_Owner\My Documents\Downloaded Programs\kmd202_en.exe


    You also need to uninstall the 6 old versions of Sun Java you have installed as requested in step 6 of the READ ME. Only Java(TM) 6 Update 2 should be installed.
     
  11. jwb38sbcglobal

    jwb38sbcglobal Private First Class

    OK, I tossed the kmd_202; it wasn't on the PC, just an install file. Removed the Java stuff and removed all the stuff in the AVG virus vault. I'm guessing it ran last night and didn't find anything, and I was still online this morning, so I'm guessing everything is all right. I toggled the System Restore off and then back on. There were some System Restore files that were in the virus vault that had the trojan, along with the TCP/IP files; I tossed all this stuff. Will I be able to do a system restore again, if so, not just the restore points for that day? Thanks for all your help in getting this problem fixed... jwb38
     
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm not sure I follow what you are trying to ask about doing a restore. If you toggled System Restore, you have flushed all restore points and you only have the one just created after you re-enabled it.
     
  13. jwb38sbcglobal

    jwb38sbcglobal Private First Class

    OK, I got you, thanks for your help. So you answered my question about the restore; there will only be one, I see. Thanks, jwb38
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely.
     
