WORM_BRONTOK.CE |
|
| BugsAlert Home > WORM_BRONTOK.CE | |
|
This worm may be downloaded from remote sites by other malware. It may arrive bundled with malware packages as a malware component. It may also be downloaded unknowingly by a user when visiting malicious Web sites. Upon execution, this worm drops the following files. This worm creates registry entries to enable its automatic execution at every system startup. It also modifies registry entries in order to execute itself every time a .EXE, .COM, .PIF, or .BAT file is run. This worm restarts the affected system when it finds an open window containing certain strings in the title bar of Internet Explorer (IE). It also uses the Windows folder icon to trick affected users into thinking that it is a normal or legitimate folder. Once clicked, it opens the My Documents folder to hide its execution routines. It also drops a copy of itself in all folders using the folder name. It also drops a copy of itself as in all physical and removable devices. Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_BRONTOK.CE Learn more about WORM_BRONTOK.CE |
|
| Tags: worm brontok.ce | |
Related Items |
|
|
CVE-2008-4135 (symbian_os)
|
|
|
Bugtraq: RE: A more detailed description of the Jura F90 vulnerability.
|
|
|
Honeyd "test.sh" Insecure Temporary Files
|
|
|
ComicShout "comic_id" SQL Injection Vulnerability
|
|
|
CVE-2008-3563 (Plogger)
|
|
|
CVE-2008-2486 (emule_plus)
|
|
|
Cisco Security Agent Remote Buffer Overflow Vulnerability
|
|
