Worm:Win32/Brontok.AS@mm
Worm:Win32/Brontok.AS@mm is a mass-mailing email worm that alters specific system settings, such as display of hidden files.
Worm:Win32/Brontok.AS@mm also disables registry editing. Worm:Win32/Brontok.AS@mm proliferates by sending its copy, as an email attachment, to contacts that exist on the victimized computer system. Worm:Win32/Brontok.AS@mm is also able to replicate itself to USB, removable drives and shared folders. While being installed on the attacked computer, Worm:Win32/Brontok.AS@mm makes system changes by adding numerous harmful files and modifying the Windows Registry. When activated, Worm:Win32/Brontok.AS@mm opens a Windows Explorer window to the "My Documents" folder. Worm:Win32/Brontok.AS@mm uses the Windows "new folder" icon for its copies. This may make the file to emerge as if it were a new folder rather than an executable file, seducing computer users into accidentally executing Worm:Win32/Brontok.AS@mm. Worm:Win32/Brontok.AS@mm modifies the registry entries to make sure that its copy loads automatically whenever Windows is started.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %APPDATA%\br7911on.exe | |
2. | %APPDATA%\lsass.exe | |
3. | %APPDATA%\services.exe | |
4. | %USERPROFILE%\Templates\WowTumpeh.com | |
5. | %windir%\berasjatah.exe | |
6. | %windir%\sembako-cmzjlji.exe | |
7. | %windir%\sembako-cmzjlii.exe | |
8. | %windir%\shellnew\bbm-qotlpinc.exe | |
9. | %windir%\shellnew\bbm-xomljimc.exe | |
10. | %windir%\shellnew\bbm-zomljimc.exe | |
11. | %windir%\shellnew\sempalong.exe | |
12. | %windir%\system32\cmd-bro-ilx.exe | |
13. | %windir%\system32\drivers\etc\hosts-denied by-%UserName%.com | |
14. | %windir%\system32\dxblai.exe | |
15. | %APPDATA%\bronnetdomlist.bat | |
16. | %APPDATA%\inetinfo.exe | |
17. | %APPDATA%\smss.exe | |
18. | %USERPROFILE%\Templates\Brengkolang.com | |
19. | %windir%\eksplorasi.exe | |
20. | %windir%\sembako-dfzjlog.exe | |
21. | %windir%\sembako-cmzjkji.exe | |
22. | %windir%\shellnew\bbm-toslphed.exe | |
23. | %windir%\shellnew\bbm-vrqliimc.exe | |
24. | %windir%\shellnew\bbm-vqslphed.exe | |
25. | %windir%\shellnew\bbm-yomljimc.exe | |
26. | %windir%\system32\cmd-bro-plx.exe | |
27. | %windir%\system32\cmd-bro-jlx.exe | |
28. | %windir%\system32\dxblbt.exe | |
29. | C:\autoexec.bat | |
30. | %APPDATA%\csrss.exe | |
31. | %APPDATA%\svchost.exe | |
32. | %APPDATA%\winlogon.exe | |
33. | %USERPROFILE%\Templates\14004-nendangbro.com | |
34. | %windir%\sembako-dezjlph.exe | |
35. | %windir%\sembako-cnzjlpi.exe | |
36. | %windir%\shellnew\bbm-somljimc.exe | |
37. | %windir%\shellnew\bbm-rpqlogfd.exe | |
38. | %windir%\shellnew\bbm-trqliimc.exe | |
39. | %windir%\shellnew\bbm-xtvkjimc.exe | |
40. | %windir%\system32\cmd-bro-olx.exe | |
41. | %windir%\system32\cmd-bro-jkx.exe | |
42. | %windir%\system32\dxblbk.exe | |
43. | %windir%\system32\dxblap.exe | |
44. | %APPDATA%\bronfoldnetdomlist.txt | |
45. | %APPDATA%\Kosong.Bron.Tok.txt | |
46. | %USERPROFILE%\My Documents\My Pictures\about.Brontok.A.html - contains the body of the email it sends out | |
47. | %windir%\system32\%UserName%'s Setting.scr | |
48. | %APPDATA%\bronnpath0.txt | |
49. | %APPDATA%\Bron.tok-9-10 | |
50. | %APPDATA%\Ok-SendMail-Bron-tok | |
51. | %windir%\eksplorasi.pif | |
52. | %APPDATA%\loc.mail.bron.tok | |
53. | %USERPROFILE%\Start Menu\Programs\Startup\empty.pif | |
54. | %windir%\system32\dxblcw.ex |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.