Click on screenshot to zoom
Danger level 8
Type: Trojans
Common infection symptoms:
  • Installs itself without permissions
  • Changes background
  • Connects to the internet without permission
  • Shows commercial adverts
  • Slow internet connection
  • System crashes
  • Cant change my homepage
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:
Backdoor.Hupigon.gthp , Backdoor.Hupigon.CN

Backdoor.Hupigon

Backdoor.Hupigon is a family of backdoor Trojans that involves such malicious infections as Backdoor.Hupigon.tf, Backdoor.Hupigon.CN and Backdoor.Hupigon.EX. Even though all of the infections from the same family are variations of one another and do not replicate each other by 100%, all of them have been created for the same purposes. Schemers could use the malicious programs to corrupt your operating Windows system, download more malware, steal personal information, gain access to personal accounts and use them for illegal malign applications’ integration into other computers. If you do not want your name pinned to some dreadful online scam, the next step you should make is Backdoor.Hupigon removal, and the following information will show you how to do it quickly and effortlessly.

Ctfmon.exe is one of the malicious Backdoor.Hupigon files that enable schemers to carry out their devious tasks within your operating Windows system. The devious executable can intercept the Registry, add Trojan’s code and control all of your computer’s processes. This is how the file will disable Windows Security Center and Safe Mode so that you could not detect or remove the system corrupting infection. What is more, this file can also breach the security of autoexec.bat file and start collecting keystrokes and mouse clicks, which soon enough could reveal your login data. Iexplorer.exe, on its own command, can then enable access to your email an IM chat accounts, spread malware using social engineering scams and download even more malware.

To complete your Windows system’s paralysis, lsass.exe will remove your access to the Task Manager and will disable Registry Editor. Additionally, this executable will tamper with your Internet browser and its settings. Your home page will be switched, your Bookmark and Favorite lists will be modified and your browser appearance will be transformed. Even this is not all, and msmsgs.exe will make sure to display fake online advertisements or system notifications and will copy Outlook address book to allow schemers to pick their next victim.

There are a few more things to learn before you commence with Backdoor.Hupigon removal. First of all, this infection is composed of tens of highly clandestine, cloaked files, which means that manual Trojan’s success could bring more detriment than success. Secondly, your best chance at getting the malignant program deleted is trusting automatic removal tools. We recommend installing SpyHunter which you can obtain by clicking on the link below and following the presented instructions.

Download Spyware Removal Tool to Remove* Backdoor.Hupigon
  • Quick & tested solution for Backdoor.Hupigon removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Backdoor.Hupigon

Files associated with Backdoor.Hupigon infection:

sya.exe
svcnost.exe
Hpqddsvc.exe
Server.exe
Se81.exe
kav6.0.1.411en
tcpwamslib.exe
tcpwamtlib.exe
RegistryQuick.exe
vscanner.exe
mKm31001oGjLb31001.exe
lsass.exe
activator.exe
25015f74-fc7e-7e90-9841-2c4e5741ff1b.dll
mciwave32.exe
JavaUpdate.exe
ARTAV Internet Security.exe
msbackup.exe
smax.exe
AuditionRegistry.exe
ClamAVFile
svcs.exe
processxgr.cpl
moonsysh.dll
themehelpersvc.exe
SVOHOST.exe
hgcheck[1].exe
kyadwj.exe
yt8a.exe
msmsgs.exe
ctfmon.exe
iexplorer.exe
svhost.exe
scvhost.exe
109e.tmp
runwin.exe
service.exe
systray.exe
setup.exe

Backdoor.Hupigon DLL's to remove:

25015f74-fc7e-7e90-9841-2c4e5741ff1b.dll
moonsysh.dll

Backdoor.Hupigon processes to kill:

sya.exe
svcnost.exe
Hpqddsvc.exe
Server.exe
Se81.exe
tcpwamslib.exe
tcpwamtlib.exe
RegistryQuick.exe
vscanner.exe
mKm31001oGjLb31001.exe
lsass.exe
activator.exe
mciwave32.exe
JavaUpdate.exe
ARTAV Internet Security.exe
msbackup.exe
smax.exe
AuditionRegistry.exe
svcs.exe
themehelpersvc.exe
SVOHOST.exe
hgcheck[1].exe
kyadwj.exe
yt8a.exe
msmsgs.exe
ctfmon.exe
iexplorer.exe
svhost.exe
scvhost.exe
runwin.exe
service.exe
systray.exe
setup.exe

Remove Backdoor.Hupigon registry entries:

HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN 17246
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN ctfmon
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN IEXPLORER
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN MSMSGS
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN Program
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN RUNWIN
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN Servicos
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN SoundMam
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN yt8a
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAusLogics Windows Themes Helper
RUNNING PROGRAMexplorer.exe
RUNNING PROGRAMsvhost.exe
RUNNING PROGRAMwinlogon.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.