Windows Defender detects and removes this threat.

See the Win32/Hupigon family description for more information.

Microsoft security software detects and removes this family of threats.

 

This family of backdoor trojans can steal your personal information, such as your online user names and passwords. They can also give a malicious hacker access and control of your PC.

Backdoor:Win32/Hupigon.EC is a component of Win32/Hupigon, a family of backdoor trojans. The malware connects to remote websites to send infection notification messages.

PWS:Win32/Hupigon.gen!F is a generic detection for the password-stealing component of the Win32/Hupigon family of trojans. It steals system information from the infected computer and sends it back to a remote server.

Backdoor:Win32/Hupigon.CK is a backdoor component of Win32/Hupigon. It runs as a service and opens a backdoor server on the host computer. Backdoor:Win32/Hupigon.CK tries to connect different remote Web sites to send notification of the infection.

Backdoor:Win32/Hupigon.gen!B is a generic detection for variants of the Win32/Hupigon family.

TrojanDropper:Win32/Hupigon is component of Win32/Hupigon. TrojanDropper:Win32/Hupigon copies itself to the system folder and runs itself from there.  It then drops the other Hupigon components, registers the primary Backdoor component as a service, and injects the stealth / password stealer components into other processes using CreateRemoteThread. For more information, see the encyclopedia entry for Win32/Hupigon

Backdoor:Win32/Hupigon!hook is the stealth component of Win32/Hupigon. This component hides files and processes associated with Win32/Hupigon by intercepting certain Windows API function calls. Backdoor:Win32/Hupigon!hook is injected into other processes by TrojanDropper:Win32/Hupigon using CreateRemoteThread.

 

For more information, see the encyclopedia entry for Win32/Hupigon.

Backdoor:Win32/Hupigon.gen!E is a generic detection for variants of the Win32/Hupigon family with backdoor functionalities.

Backdoor:Win32/Hupigon.FK is a member of Win32/Hupigon - a family of backdoor trojans. A Win32/Hupigon infection typically includes a dropper component (Trojandropper:Win32/Hupigon) and two to three additional files that the dropper installs. These additional files include Backdoor:Win32/Hupigon, the main backdoor component, and Backdoor:Win32/Hupigon!hook, a stealth component that hides files and processes associated with Win32/Hupigon. The trojan dropper may also install PWS:Win32/Hupigon, a plugin that logs keystrokes and steals passwords. Win32/Hupigon may support other malicious plugins as well.

Backdoor:Win32/Hupigon.gen!F is a generic detection for variants of Win32/Hupigon, a family of backdoor trojans. Win32/Hupigon.gen!F is installed to run as a service and allows remote unauthorized access to an affected machine.

Backdoor:Win32/Hupigon.ZAI is a variant of Win32/Hupigon, a family of backdoor trojans that open backdoor servers that allow other computers to connect to and control the affected computer in various ways.

Update: October 12, 2007: Microsoft addressed reported issues with this signature. Signature versions 3085 and higher include this improvement, and therefore may not detect specific files as Backdoor:Win32/Hupigon!1E05.

 

Backdoor:Win32/Hupigon is the main backdoor component of Win32/Hupigon, a family of backdoor Trojans. TrojanDropper:Win32/Hupigon registers this component as a service. The service then opens a backdoor server that allows other computers to connect to and control the infected computer in various ways.

Backdoor:Win32/Hupigon.DZ is a backdoor component of Win32/Hupigon. It runs as a service and opens a backdoor server on the host computer. Backdoor:Win32/Hupigon.DZ tries to connect different remote Web sites to send notification of the infection.

Backdoor:Win32/Hupigon.gen is a generic detection for a DLL component of Win32/Hupigon. This component logs keystrokes, captures screens and steals passwords and other sensitive data. Detection for this component may indicate that other files on the computer might be infected.

Backdoor:Win32/Hupigon.EA is a member of Win32/Hupigon - a family of backdoor trojans. A Win32/Hupigon infection typically includes a dropper component (Trojandropper:Win32/Hupigon) and two to three additional files that the dropper installs. These additional files include Backdoor:Win32/Hupigon, the main backdoor component, and Backdoor:Win32/Hupigon!hook, a stealth component that hides files and processes associated with Win32/Hupigon. The trojan dropper may also install PWS:Win32/Hupigon, a plugin that logs keystrokes and steals passwords. Win32/Hupigon may support other malicious plugins as well.

Worm:Win32/Hupigon.D is a member of Win32/Hupigon - a family of backdoor trojans. A Win32/Hupigon infection typically includes a dropper component (Trojandropper:Win32/Hupigon) and two to three additional files that the dropper installs. These additional files include Backdoor:Win32/Hupigon, the main backdoor component, and Backdoor:Win32/Hupigon!hook, a stealth component that hides files and processes associated with Win32/Hupigon. The trojan dropper may also install PWS:Win32/Hupigon, a plugin that logs keystrokes and steals passwords. Win32/Hupigon may support other malicious plugins as well.

Backdoor:Win32/Hupigon.EN is a member of Win32/Hupigon - a family of backdoor trojans. A Win32/Hupigon infection typically includes a dropper component (Trojandropper:Win32/Hupigon) and two to three additional files that the dropper installs. These additional files include Backdoor:Win32/Hupigon, the main backdoor component, and Backdoor:Win32/Hupigon!hook, a stealth component that hides files and processes associated with Win32/Hupigon. The trojan dropper may also install PWS:Win32/Hupigon, a plugin that logs keystrokes and steals passwords. Win32/Hupigon may support other malicious plugins as well.

Backdoor:Win32/Hupigon.EX is a member of Win32/Hupigon - a family of backdoor trojans. A Win32/Hupigon infection typically includes a dropper component (TrojanDropper:Win32/Hupigon) and two to three additional files that the dropper installs. These additional files include Backdoor:Win32/Hupigon, the main backdoor component, and Backdoor:Win32/Hupigon!hook, a stealth component that hides files and processes associated with Win32/Hupigon. The trojan dropper may also install PWS:Win32/Hupigon, a plugin that logs keystrokes and steals passwords. Win32/Hupigon may support other malicious plugins as well.