Malware Trojan.Win32.Pincav.avql – Trojan has a destructive effect on the user’s computer.
Technical details
Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE EXE-file). Has a size of 13,312 bytes. It is written in Delphi.
Destructive activity
After starting up the Trojan creates a file:
% System% \ urlmon.dll
under the following name:
% System% \ urlmons.dll
Which are then used in their work.
The Trojan injects malicious code into the system process with the name:
svhost
This code downloads the file from the following URL address:
http://images. **** 1o.com/Pictures/P1C/P1C.exe
Save the file in the temporary folder of the current user name:% Temp% \ Pointer.ehe
After that lets you run the downloaded file. The Trojan then deletes its original body and exits.
Removal
If your computer was not protected by Antivirus and is infected with this malware, then delete the following steps:
– Delete the original Trojan file (the location of the victim will depend on how the program originally penetrated the victim machine).
– Delete files:
% System% \ urlmons.dll% Temp% \ Pointer.exe