HuPigeon AHB trojan

i 've been using xoftspy antspyware program fro some time now, recently it found HuPigeon AHB trojan in my system and its unable to remove it. i did install this anti-malware now but hasnt found anything, im confused and freaking out comodo isnt able to track this trojan? or xoftspy is f***ing with me!!! HELP plZ…

Hi EleniTa,
Welcome to the Comodo forums.
Xoftspy was (at one time anyway) a rogue anti-spyware program, not the best reputation to say the least. 88)

Note on XoftSpy: XoftSpy was listed on this page because of concerns with false positives (1, 2, 3, 4), questionable license terms, and the use of aggressive, deceptive advertising (1, 2), including exploitation of the name "spybot" by affiliates. Earlier versions of XoftSpy were also Ad-aware knockoffs. (There was clone of XoftSpy named SpyBurn, but that application is no longer available.)

I’d drop it like a diseased bad habit. :wink:
If you are concerned about a possible infection you might want to upload the alleged infected files to VirusTotal for a scan.

Now thats a relief, coz no other spy-ware, trojan remover … etc didnt find that, also avast says im clean. Thnx a lot for the info and welfound you!! Looks like a really reliable proggy this BOClean thats why i posted here anyway ;D … but does this trojan exist? and if yes would comodo be able to find it ? thnx again.

It’s hard to tell if it “really exists” when using a name/detection from an untrusted source…
Most hits on the name seem to point back at “paretologic” who hosts XoftSpy. 88)
If yes, more than likely Comodo BOClean will have it’s number.

Yes u’re right!
virus total: No threat detected
jotti scan: Found nothing

Thank you for your time ~cat~ (V)


Thank you for your time ~cat~ (V)

You are most welcome EleniTa, we are fortunate to have such a gracious host to pull together the people you will find here.
Please check out Comodo’s other offerings as well, maybe you will find them as helpful as many others have. :wink:
Less bling, more ■■■■.

[attachment deleted by admin]

I am facing the same trojan in my \windows\system32\msjetoledb40.dll
discovered by ParetoLogic.
Kaspersky says its clean.
each time i delete the file it recreates.

“msjetoledb40.dll” in “C:\WINDOWS\system32” is more than likely a native protected Windows system file that Windows will recreate when you attempt to delete it.
Upload it to VirusTotal and see what 32 other scanners say about it. :wink:

Tags: Paretologic, XoftSpySE, Scam, Rogue Anti-spyware, False Positive

There are a lot of rogue Spyware programs out there, that normally detect ‘false’ viruses and then send you to a site where they offer to remove it for you ‘at a price’!

There’s a site somewhere (can’t remember the name now) which reviews and lists all the good and bad AV and AS programs; perhaps someone can remember it.

Best to use Comodo products or those listed on (all safe).


LoL, obayda that was exactly the same file name xoft was finding in my system as that trojan (with 2 more .dll files) (:TNG)

Rogue/Suspect Anti-Spyware Products & Web Sites

Thanks Cat, that’s the one, Bookmarked if for future use. :slight_smile:


Hi all.
I m facing the same problem with Xsoft antispyware.
It keeps on giving as a result the Trojan “Hupigeon AHB Trojan” in msjetoledb40.dll
As other members,when I try to remove it ,it keeps on re creating itself.
In order to be sure I used SpywareFighter,VirusFighter,AVG,SpyBot S&D and CounterSpy.All gave me no result about the Hupigeon AHB, but SpywareFigher,and SpyBot found a " Downloader.avi.gen " in C:\windows\ie7\reg00798.They removed it,and from that time ,all programs say my computer is clean.

I e-mailed the log file to XsoftSpy as they propose,to examine the problem,but after 3 days,no answer.
Note: I also used Norton ,but I have the impression that its not so good in detecting spyware .
Anyway,my question is : Is it ok now ? I also send the msjetoledb40.dll to VirusTotal and found it clean.

P.S:Nice site,useful info.Thanks

Hello Everybody! (:WAV)
First of all it’s so nice to be in this site and Find at last HELP in my problem. Like many of the members here i experience the same problems with this nasty Trojan ‘Hupigeon AHB Trojan’.

I also was able to find out that i have this Trojan,using XoftSpy which unfortunately cannot solve my problem as file in C:\WINDOWS\system32\msjetoledb40.dll regenerates when erased by me or by XoftSpy.

I also scanned my Pc with F-secure 7 but it didn’t found anything.

Then I tried also Spybot S & D and NoAdware 5 but also nothing!!!

My last try to solve my problem was to use SpywareFigher but when i installed it my computer end up rebooting all the time like crazy and i uninstalled it!

I also tried to install comodo BOclean but really i cant understand how can i command this program to Scan my Pc and still my problem was there.

at last i tried this and WORKED!!!
1)I uninstalled all my anti virus programs and Spywares except XoftSpy 4.33.
2)I boot in safe mode and i runned XoftSpy which cleaned C:\WINDOWS\system32\msjetoledb40.dll and guess what it didn’t regenerated. The strange thing is that latter while i was on safe mode,
i installed F-secure 6 (which includes also a very good Firewall) and it reported me that a Cisco VPN client was installed in my pc without me to be aware of it. But thankfully it removed it after reboot and now finally my Pc is secured and safe!!!

Hello to all…
I had the same problem, as all of you.
I think i found a solution.
I entered in safe mode and did the scan with paretologic spyware.
It found it and removed it. I performed a scan just afterwards and it didn’t appeared in results.
I also did a scan in normal mode and till now i haven’t found it in my system.
Let’s hope it will work permanently.
and of course the file that was removed wasn’t something the system needs.

(:NRD)(ooops i just noticed the previous post)… anyway i think safe mode is the solution