Home > General > Backdoor.hupigon


This data allows PC users to track the geographic distribution of a particular threat throughout the world. Can't Remove Malware? This is not the first time I've had trouble with my pc and am sure it wont be my last. The formula for percent changes results from current trends of a specific threat. check over here

PWS:Win32/Hupigon tries to capture Windows logon credentials and may also try to capture other user data. Backdoor.hupigon.gen Started by KarenCele4511 , May 16 2008 06:45 PM Page 1 of 2 1 2 Next Please log in to reply 19 replies to this topic #1 KarenCele4511 KarenCele4511 Members Is your PC has been running slow and sluggish in the shadow of Backdoor.Hupigon virus. Sign in 2 Loading...

or do not. Back to top #3 KarenCele4511 KarenCele4511 Topic Starter Members 35 posts OFFLINE Local time:06:14 PM Posted 17 May 2008 - 09:33 AM Thanks, DaChew. THANK YOU AGAIN!!! Removal Automatic action Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.

Thank you for all your advice and help, and now I will know to be extra vigilant. Try not. Please try again later. I should also note, however, that I will not be back into work until Tuesday afternoon so anything that needs to be done on this computer cannot be done until then

Edited by KarenCele4511, 20 May 2008 - 05:42 PM. problems... There is no try. Ranking: N/A Threat Level: Infected PCs: 47 Leave a Reply Please DO NOT use this comment system for support or billing questions.

The "Fast Configuration" shown below enable the following options: Service name is rejoice44.exe Installation path is Msinfo… Password is 1234 Icon is taken from MS Media Player Uses Internet Explorer to They are downloaded, installed, and run silently, without the user's consent or knowledge. They can also steal information such as logged keystrokes, passwords, and other user credentials.

TECHNICAL DETAILS Memory Resident: YesPayload: Connects to URLs/IPsInstallationThis backdoor drops the following files: %System%\IEXPL0RER.bat%System%\pchsvc.dll%System%\Sysclt.dll%System%\Systen.dll%Windows%\{random}.dat%Windows%\{random}.dll(Note: %System% is the Please leave these two fields as is: What is 9 + 7 ?

Many Hupigon variants therefore create mutexes in the following format: xxx.com.cn_MUTEX The "xxx" being a variable, for example: Hacker.com.cn_MUTEX Registry Modifications Creates these keys: HKLM\System\CurrentControlSet\Services\system32 ImagePath = C:\WINDOWS\Hacker.com.cn.exe HKLM\System\CurrentControlSet\Services\system32 HKLM\System\CurrentControlSet\Services\system32\Security SUBMIT http://www.avgthreatlabs.com/us-en/virus-and-malware-information/info/backdoor-hupigon/ Privacy policy About Wikipedia Disclaimers Contact Wikipedia Developers Cookie statement Mobile view Log in to AVG ThreatLabs Choose the account you want to use Log in with: Log in with: Log ChewyNo. For example, if the path of a registry value is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName2,valueC= sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA and FolderB folders and select the KeyName2 key to display the valueC value in

The only things out of the ordinary that I remember doing close in time to that were downloading lecture notes off of my university class website, and saving to my desktop http://todayspec.com/general/backdoor-cvt.php Rachael Watson 143 views 1:03 Remove Luhe.Packed.AH - Effective Luhe.Packed.AH Removal Guide - Duration: 1:05. It must be sent by its author via e-mail, through a website, or even via Instant Messengers (IM) such as Yahoo, MSN, ICQ, and Skype. I just can't imagine what else it could be.

Watch Queue Queue __count__/__total__ Find out whyClose Remove Backdoor.Hupigon - How to Uninstall Backdoor.Hupigon Jeniffer Parker SubscribeSubscribedUnsubscribe00 Loading... I think I will do that on my laptop, too. or do not. this content and the help from you, well to be blunt, I would of just been screwed!

Its first known detection goes back to November, 2008, according to Securelist from Kaspersky Labs.[1] This malicious software, which usually should be a portable executable (and may be packed with UPX), Creating Hupigon Variants Hupigon variants are created using kit software. The following text strings can typically be found in a Hupigon variant: 6600.org BEI_ZHU GrayPigeon Hacker.com.cn.exe huaihuaitudou Rejoice2007 woainisisi Installation When the backdoor's file is started, it copies itself as a

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Javascript Disabled Detected You currently have javascript disabled. Best money I ever spent on a piece of software. The red color spreads throughout the disc to indicate whether a threat is moderate, high or severe.PreviousNextSummaryWhat to do nowTechnical informationSymptoms Symptoms Win32/Hupigon hides its files and processes. For billing issues, please refer to our "Billing Questions or Problems?" page.

Autoplay When autoplay is enabled, a suggested video will automatically play next. View other possible causes of installation issues. It is best to use an up-to-date antivirus scanner or the Microsoft Windows Malicious Software Removal Tool to detect a Win32/Hupigon infection. http://todayspec.com/general/backdoor-bot.php Note: Virus definitions dated March 28, 2013 or earlier detect this threat as Backdoor.Hupigon.

This is the stealth component of Win32/Hupigon. Jeniffer Parker 21 views 1:16 Backdoor:MSIL/Pontoeb.N | Uninstall Backdoor:MSIL/Pontoeb.N - Duration: 1:00.