Published Mar 28, 2013|Updated Nov 07, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: Trojan/Win32.Pincav (AhnLab) Trojan.Win32.Pincav.cmuh (Kaspersky) W32/Pincav.AQT (Norman) TR/Rogue.KD.915653 (Avira) Trojan.Win32.Pincav (Ikarus) RDN/Akbot!a (McAfee) Troj/Qakbot-AL (Sophos) W32.Qakbot (Symantec) TROJ_SPNR.14D113 (Trend Micro)


Backdoor:Win32/Qakbot.gen!C is a trojan backdoor that connects to a remote server, allowing an attacker to access your computer. It can steal confidential information, such as your online banking details and email user names and passwords.

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

This threat tries to steal sensitive and confidential information from affected users to perpetrate fraud. If you believe that your personal financial information may have been compromised, please refer to the following advisory for additional advice:

It may also steal your information by recording your user names and passwords. After removal of the threat you should change your passwords. Please refer to the following advisory for tips on how to create and use passwords:

Please also refer to the following advisory for additional advice:

For more information on this threat, read: Mitigating and eliminating info-stealing Qakbot and Emotet in corporate networks


Latest news