SYST.DLL – Backdoor Hupigon removal

File	MD5	Virus Alias
SYST.DLL	2d97751212dc6002c1ffdab8bc0b5311	Backdoor Hupigon
SYST.DLL	2d97751212dc6002c1ffdab8bc0b5311	Trojan PcClient
SYST.DLL	2d97751212dc6002c1ffdab8bc0b5311	Trojan, Suspicious File
SYST.DLL	2d97751212dc6002c1ffdab8bc0b5311	Trojan Generic
SYST.DLL	2d97751212dc6002c1ffdab8bc0b5311	Trojan Eldorado
SYST.DLL	2d97751212dc6002c1ffdab8bc0b5311	Trojan Downloader

SYST.DLL size: 252416 bytes
SYST.DLL hash: 2D97751212DC6002C1FFDAB8BC0B5311

Created files:

%SysDir%\netbackup.exe
%SysDir%\syst.dll
%Temp%\IXP000.TMP\4.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\netbackup\Type: 10010000
HKLM\System\CurrentControlSet\Services\netbackup\Start: 02000000
HKLM\System\CurrentControlSet\Services\netbackup\DisplayName: Remote Help & Control Service backup
HKLM\System\CurrentControlSet\Services\netbackup\ImagePath: %WinDir%\System32\netbackup.exe
HKLM\System\CurrentControlSet\Services\netctrl\Type: 10010000
HKLM\System\CurrentControlSet\Services\netctrl\Start: 02000000
HKLM\System\CurrentControlSet\Services\netctrl\DisplayName: Remote Help & Control Service
HKLM\System\CurrentControlSet\Services\netctrl\ImagePath: %WinDir%\System32\svchost.exe -k remoteservice
HKLM\System\CurrentControlSet\Services\netctrl\Info: xwimd54<=403*sodx'ogw>=678796:17?0;72,{??8???< HKLM\System\CurrentControlSet\Services\netctrl\Enum\0: Root\LEGACY_netctrl\0000 HKLM\System\CurrentControlSet\Services\netctrl\Parameters\ServiceDll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0073007900730074002E0064006C006C000000

Detected by UnHackMe:

SYST.DLL
Default location: %SYSDIR%\SYST.DLL

Dropper information:
MD5: 037a594815a727f03142860e16cca0f6
File size: 183808 bytes

Solved! Use SYST.DLL (Backdoor Hupigon) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

SYST.DLL – Backdoor Hupigon removal

Created files:

Autostart registry keys:

Detected by UnHackMe:

Leave a Reply Cancel reply