W32.Pholdicon
W32.Pholdicon is a worm that drops potentially harmful files and proliferates through network shares and removable media.
W32.Pholdicon looks as a Windows folder icon and propagates through removable media and network shares. Once run, W32.Pholdicon creates the potentially infected files. W32.Pholdicon creates the registry entry so that it can load automatically every time the computer user starts Windows. W32.Pholdicon drops and executes potentially infected files from the certain distant location.
Table of Contents
File System Details
W32.Pholdicon may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | [MAPPED NETWORK DRIVE]\Photo.exe | |
| 2. | [DRIVE LETTER]\Photo.exe | |
| 3. | [DRIVE LETTER]\Photo\Photo.exe | |
| 4. | [REMOVABLE DRIVE]\Photo.exe |
Registry Details
W32.Pholdicon may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"Photo" = "[DRIVE LETTER]\Photo\Photo.exe"
URLs
W32.Pholdicon may call the following URLs:
| http://www.managtest.ru |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.