WINDOWS.EXE – Worm Brontok removal

File	MD5	Virus Alias
WINDOWS.EXE	908b4f97e6ed2a458509bf86fd4521d6	Worm Brontok
WINDOWS.EXE	908b4f97e6ed2a458509bf86fd4521d6	Trojan PAK_Generic
WINDOWS.EXE	908b4f97e6ed2a458509bf86fd4521d6	Trojan (Suspicious File)
WINDOWS.EXE	908b4f97e6ed2a458509bf86fd4521d6	Trojan Generic
WINDOWS.EXE	908b4f97e6ed2a458509bf86fd4521d6	Trojan DNAScan

WINDOWS.EXE size: 57802 bytes
WINDOWS.EXE hash: 908B4F97E6ED2A458509BF86FD4521D6

Created files:

%WinDir%\.exe
%WinDir%\ActiveX.exe
%WinDir%\system\csrss.exe
%WinDir%\system\lsass.exe
%WinDir%\system\smss.exe
%WinDir%\system\svchost.exe
%WinDir%\system\winlogon.exe
%SysDir%\copy.pif
%SysDir%\surif.bin
%SysDir%\_default.pif
%WinDir%\win32.exe
%WinDir%.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Default: %WinDir%\System32\_default.pif
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\USER: %WinDir%\System\winlogon.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,%WinDir%\System32\copy.pif
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ present: %WinDir%\.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\load: %WinDir%\ActiveX.exe

Detected by UnHackMe:

WINDOWS.EXE
Default location: %WinDir%.EXE

Dropper information:
MD5: 908b4f97e6ed2a458509bf86fd4521d6
File size: 57802 bytes

Newest viruses and malware

Solved! Use WINDOWS.EXE (Worm Brontok) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

WINDOWS.EXE – Worm Brontok removal

Created files:

Autostart registry keys:

Detected by UnHackMe:

Leave a Reply Cancel reply