The file APOINT.EXE is identified as a virus dropper.
The dropper APOINT.EXE is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
The file APOINT.EXE loads into the computer memory and tries to connect to the dangerous web site.
Usually the APOINT.EXE dropper does not infect the files on the computer and does not replicate itself on other computers.
Kill the APOINT.EXE process and delete the file APOINT.EXE.
Malware Analysis of APOINT.EXE
Full path on a computer: %SysDir%\Apoint.exe
Detected by UnHackMe:
APOINT.EXE
Default location: %SysDir%\Apoint.exe
Removal Results: Success
Number of reboot: 1
APOINT.EXE is known as:
Trojan.Zusy, Trojan.Zbot, TR.Zusy.47358, W32.Trojan.UEUT-2027, Trj.dtcontx.G, Win32.VB.RHF, W32.VB.RHF.tr, Pakes_c.AIMH, Trojan.VB.RHF
APOINT.EXE hash:
- MD5: 038ed7dde4043e0bb51a47cb6be6fb77
How to quickly detect APOINT.EXE presence?
![]( "Registry")
Registry:
![]( "Files")
Files:
Registry:- HKLM\System\CurrentControlSet\Services\Apointer\ImagePath: “%SysDir%\Epoint.exe”
- HKLM\System\CurrentControlSet\Services\Apointer\DisplayName: “point Seguraridad Service”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\cespa: “%SysDir%\dwwm.exe”
Files:- %Temp%\a229815238c968455cbb405386a44965.pdf
- %SysDir%\Apoint.exe
- %SysDir%\dwwm.exe
- %SysDir%\Epoint.exe