
Email-Worm.Rontokbro

Posted: October 6, 2010

Email-Worm.Rontokbro is a malicious worm that may pose a security risk to the compromised system or its network environment. It uses backdoors to install contaminated files from the internet onto a compromised computer. It spreads via unsolicited e-mail attachments and requires a user to execute it before it can run on a computer. It comes bundled with a corrupt installation program that allows the malware to run once the PC starts up. Remove Email-Worm.Rontokbro as soon as it is detected.

Aliases

Trojan.Win32.VB.airv (Kaspersky Lab)
Generic VB.ef (McAfee)
Mal/SillyFDC-F (Sophos)
Trojan:Win32/Malagent (Microsoft)
Trojan.Click (Ikarus)
Win-Trojan/Xema.variant (AhnLab)

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %UserProfile%\%UserName%1\winlogon.exe

Registry Modifications

  • The following Registry values were newly created:
    HKEY..\..\..\..{Subkeys}
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
