Malware Trojan.Win32.Pincav.avql

Posted: August 29, 2012 in Encyclopedia viruses
Tags:

Malware Trojan.Win32.Pincav.avql – Trojan has a destructive effect on the user’s computer.

Technical details

Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE EXE-file). Has a size of 13,312 bytes. It is written in Delphi.

Destructive activity

After starting up the Trojan creates a file:

% System% \ urlmon.dll

under the following name:

% System% \ urlmons.dll

Which are then used in their work.

The Trojan injects malicious code into the system process with the name:

svhost

This code downloads the file from the following URL address:

http://images. **** 1o.com/Pictures/P1C/P1C.exe

Save the file in the temporary folder of the current user name:% Temp% \ Pointer.ehe

After that lets you run the downloaded file. The Trojan then deletes its original body and exits.

Removal

If your computer was not protected by Antivirus and is infected with this malware, then delete the following steps:

– Delete the original Trojan file (the location of the victim will depend on how the program originally penetrated the victim machine).

– Delete files:
% System% \ urlmons.dll% Temp% \ Pointer.exe

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s