What is hoipcy.exe

There are a number of hoipcy.exe processes running using 100% CPU. What is this and can I stop it?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sounds like a random name, and since there are several, and running at 100%, I'm just about as 100% sure it's malware/virus/spambot etc. Time to shutdown your computer and use a boot cd (Avast, AVG, whatever you can get your hands on, preferably newly created) and remove it.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Upload hoipcy.exe to https://www.virustotal.com/
JOBASTAuthor Commented:
virustotal suggests this is Punto Switcher which is a Russian piece of software that changes keyboard settings to a Russian layout if it detects a certain combination of characters. It does not suggest that it is a virus or malware. After a few attempts to End the processes I deleted the file  but it reappeared. I tried the same again but I deleted the folder it was in. Again this was recreated.
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Do you need Punto Switcher ?
JOBASTAuthor Commented:
No, I don't need Punto Switcher.
I'd still recommend what I said earlier, as it's not normal for any software to use  the random name, the come back after you delete it, and to use up 100%
It's most likely this file is a result of the real virus hiding somewhere else.
Uninstall Punto Switcher and see if you still have the file.

During a BootCD SCAN, most malware processes are not running and a heuristic detection can't detect them.

Malware processes must be active while doing a scan so scanning is not going to be as effective.

Windows File Protection is not used when scanning a BOOT CD, so if a crucial system file like userinit.exe or explorer.exe are infected the scanner will delete these files (no question asked) as opposed to just pointing out that these files are infected. Since WFP is not used, the deleted system files are not replaced and when you put the drive back, the user won't be able to login. If it is the explorer.exe that was deleted then explorer won't load leaving the user with no desktop icons/taskbar.

Have a look:
Still recommending boot cd, as anti virus experts override "best practice" guides:
See how all the big name companies respond after years of top level expertise:


Examples of use

Scenario A: Operating System files have been compromised, unable to clean from Windows.

In this scenario Sophos Anti-virus has detected the virus and attempted cleanup but the machine (disconnected from the network) continues to become infected. The virus has managed to infect the machine and compromise legitimate operating system and application files which cannot be cleaned whilst running from within Windows. Use Sophos Bootable Anti-Virus with the disinfect option to clean the machine.
The scan completes and after running a second disinfect scan no further files are detected. The system is now clean, so reboot back into Windows and monitor it.

Scenario B: Infected Master Boot Record (MBR)

In this scenario Sophos Anti-Virus has detected malware that has infected the Master Boot Record (it can be identified by the detection name containing the word “MBR”). The MBR cannot be disinfected from within Windows as the virus responsible will be monitoring it. You must reboot into Sophos Bootable Anti-Virus and run a disinfect scan.
Once the scan has completed and disinfected the MBR, run a detect only scan to ensure that cleanup was successful and that no other infected files exist. If clean, reboot back into Windows and monitor.


Includes full AV scanning engine capable of removing rootkits embedded so deeply they cannot be removed with CCE for Windows

I could list all the av names and their articles as every single one has the same articles and this has been the industry standard for year.

While you mention unfortunate deletion of files leaving a computer unusable, it can be fixed afterwards and at least it will clean, instead of continuing with a computer that keeps infecting other systems and spamming the world.
JOBASTAuthor Commented:
Wow, I didn't expect the debate but all comments are useful.

I don't have Punto Switcher installed. The hoipcy.exe just seems to be masquerading as Punto Switcher.

I'm going to try the boot cd option but I think the virus/malware has got at my McAfee software as my scheduled scans do not seem to have been taking place and the date/time of the next scheduled scan seems to be always a few minutes away. When I try to run a scan manually I get an error message "An unexpected problem occurred during your scan. Please click OK to go back to the homepage, and then try running your scan again.". This happens no matter which type of scan I select.
There's always a small window between a new virus and detection by a virus scanner (always a cat & mouse game, where sometimes residential heuristics scan fails).
In the event a virus does get through, depending on how well it's programmed, it could have the "upper hand", and will always "win" when Windows is started (either by hiding by special code hooked during booting, or other types of nasty code), no matter what program you throw at it.
That's why ALL virus vendors have made boot cd's available.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.