W32/Pinkslipbot
W32/Pinkslipbot is a malicious virus. W32/Pinkslipbot is able to propagate via unprotected network shares or through the exploitation of system vulnerabilities. Once inside a PC W32/Pinkslipbot may modify and add its own registry entries to ensure that it is executed each time the compromised system is started-up.
File System Details
W32/Pinkslipbot may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Appdata%\Microsoft\kxviad\kxvia.dll | |
| 2. | %Appdata%\microsoft\kxviad\kxviad.exe | |
| 3. | %Appdata%\Microsoft\kxviad\q1.22006 | |
| 4. | %Appdata%\Microsoft\kxviad\q1.20997 | |
| 5. | %Appdata%\Microsoft\kxviad\q1.19181 |
Registry Details
W32/Pinkslipbot may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
"ctfmon" = "%Appdata%\microsoft\kxviad\kxviad.exe"
HKEY_CURRENT_USER\S-1-(Varies)\Software\Microsoft\Windows\CurrentVersion\Run\]
"[Application Name]" = ""%Appdata%\microsoft\kxviad\kxviad.exe" /c [Application path]
