ThreatExpert's Statistics for W32/Rontokbro.gen@MM [McAfee]:

W32/Rontokbro.gen@MM [McAfee] is also known as:

Threat Alias	Number of Incidents
Email-Worm.Win32.Brontok.n [Kaspersky Lab]	188,999
W32.Rontokbro.U@mm [Symantec]	181,136
WORM_BRONTOK.BA [Trend Micro]	164,553
Worm.Brontok.BA [PC Tools]	83,662
Worm.Brontok.BK [PC Tools]	65,054
Worm.Brontok.Gen!Pac.3 [PC Tools]	36,876
WORM_RONTKBR.GEN [Trend Micro]	25,253
W32.Rontokbro.X@mm [Symantec]	9,579
I-Worm.Brontok.AY [PC Tools]	6,177
WORM_BRONTOK.IE [Trend Micro]	5,036
W32.Rontokbro@mm [Symantec]	4,473
Email-Worm.Win32.Brontok.N [Ikarus]	4,179
W32/Rontokbr-A [Sophos]	2,510
I-Worm.Brontok.BM [PC Tools]	2,069
W32/Brontok-AE [Sophos]	1,414
Worm.Brontok.Gen.1 [PC Tools]	783
W32/Brontok-Gen, W32/Brontok-Gen, Mal/Packer, Mal/Behav-024 [Sophos]	383
Email-Worm.Win32.Brontok.q [Kaspersky Lab]	382
W32/Brontok-Gen, W32/Brontok-Gen, Mal/Emogen-N, Mal/Heuri-D [Sophos]	359
W32/Brontok-Gen, W32/Brontok-Gen, Mal/Behav-024 [Sophos]	285
W32/Brontok-Gen, W32/Brontok-Gen, Mal/Behav-024, Mal/Heuri-D, Mal/Emogen-N [Sophos]	254
Worm:Win32/Brontok.BJ@mm [Microsoft]	248
W32/Brontok-BB [Sophos]	152
Email-Worm.Brontok!sd5 [PC Tools]	105
W32/Brontok-Z [Sophos]	87
WORM_RONTOKBR.AT [Trend Micro]	82
Win32/Brontok.worm.43072.B [AhnLab]	75
W32/Brontok-Gen, W32/Brontok-Gen, Mal/Emogen-N, Mal/Behav-024, Mal/Heuri-D [Sophos]	71
PE_SALITY.AS [Trend Micro]	60
Email-Worm.Win32.Brontok.A [Ikarus]	58
I-Worm.Brontok.Gen.2 [PC Tools]	55
Virus.Win32.Rontokbr.I2 [Ikarus]	55
Virus.Win32.Sality.q [Kaspersky Lab]	54
Win32.Sality.X [PC Tools]	54
W32/Brontok-K [Sophos]	53
WORM_RONTKBR.D [Trend Micro]	51
Worm:Win32/Brontok.AF@mm [Microsoft]	49
Email-Worm.Win32.Brontok [Ikarus]	48
I-Worm.Brontok.CU [PC Tools]	42
Packed/MEW [PC Tools]	42
PE_SALITY.AC [Trend Micro]	35
WORM_RONTKBR.B [Trend Micro]	35
Win32.Sality.M [PC Tools]	33
Virus.Win32.Sality.k [Kaspersky Lab]	30
Win32/Brontok.worm.43072.E [AhnLab]	25
I-Worm.Brontok.BO [PC Tools]	24
Email-Worm.Win32.Brontok.a [Kaspersky Lab]	22
W32/Brontok-AJ [Sophos]	19
I-Worm.Brontok.BS [PC Tools]	18
W32/Brontok-N [Sophos]	17
Win32.Sality.AA [PC Tools]	16
Worm:Win32/Brontok@mm [Microsoft]	16
Virus:Win32/Sality.M [Microsoft]	15
W32.Rontokbro.K@mm [Symantec]	15
W32/Kookoo-A [Sophos]	15
Win32/Brontok.worm.45120.X [AhnLab]	15
PE_SALITY.AL [Trend Micro]	12
Virus:Win32/Sality.T [Microsoft]	12
W32/Sality-AD [Sophos]	12
W32.SillyFDC [Symantec]	11
I-Worm.Brontok.AW [PC Tools]	10
I-Worm.Brontok.CH [PC Tools]	10
I-Worm.Brontok.EV [PC Tools]	10
W32/Brontok-D [Sophos]	10
W32/Brontok-Gen, W32/Brontok-Gen, Mal/Heuri-D, Mal/Emogen-N [Sophos]	10
Win32/Brontok.worm.45120.M [AhnLab]	10
Win32/Brontok.worm.81920.E [AhnLab]	10
WORM_BRONTOK.BF [Trend Micro]	10
WORM_RONTOKBRO.H [Trend Micro]	10
I-Worm.Brontok.O [PC Tools]	9
Trojan Horse [Symantec]	8
Win32/Brontok.worm.45417 [AhnLab]	8
I-Worm.Brontok.EG [PC Tools]	7
Mal/EncPk-BA [Sophos]	7
Trojan.KillAV [Symantec]	7
W32/Brontok-BZ [Sophos]	7
Worm.Brontok.EW [PC Tools]	7
Virus:Win32/Sality.R [Microsoft]	6
W32/Brontok-Gen, Mal/Packer, Mal/EncPk-BA [Sophos]	6
W32/Sality-AA [Sophos]	6
Win32/Brontok.worm.45120.AA [AhnLab]	6
Worm.VB.FMU [PC Tools]	6
Worm.Win32.VB.ck [Kaspersky Lab]	6
Worm:Win32/Tofam!rts [Microsoft]	6
WORM_RONTKBR.F [Trend Micro]	6
Email-Worm.Win32.Brontok.ai [Kaspersky Lab]	5
Email-Worm.Win32.Brontok.c [Kaspersky Lab]	5
I-Worm.Brontok.AN [PC Tools]	5
I-Worm.Brontok.BG [PC Tools]	5
I-Worm.Brontok.EJ [PC Tools]	5
Trojan.Win32.Pakes.cob [Kaspersky Lab]	5
Virus.Win32.VB.bg [Ikarus]	5
W32/Brontok-B [Sophos]	5
W32/Brontok-Gen, Mal/EncPk-BA [Sophos]	5
W32/Brontok-Gen, Mal/Heuri-D, Mal/EncPk-BA [Sophos]	5
W32/Brontok-W [Sophos]	5
Win32/Brontok.worm.43072.C [AhnLab]	5
Win32/Brontok.worm.45120.AC [AhnLab]	5
Win32/Brontok.worm.45120.L [AhnLab]	5
Win32/Brontok.worm.45120.V [AhnLab]	5

W32/Rontokbro.gen@MM [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	China	1
	Russian Federation	1

W32/Rontokbro.gen@MM [McAfee] is known to be created as:

%AllUsersProfile%\drm\drm.exe

%AppData%\br6657on.exe

%AppData%\csrss.exe

%AppData%\dv6173880x\yesbron.com

%AppData%\idtemplate.exe

%AppData%\inetinfo.exe

%AppData%\jalak-931738815-bali.com

%AppData%\lsass.exe

%AppData%\services.exe

%AppData%\smss.exe

%AppData%\svchost.exe

%AppData%\winlogon.exe

%CommonAppData%\microsoft\crypto\crypto.exe

%CommonAppData%\microsoft\crypto\dss\dss.exe

%CommonAppData%\microsoft\crypto\dss\machinekeys\machinekeys.exe

%CommonAppData%\microsoft\crypto\rsa\machinekeys\machinekeys.exe

%CommonAppData%\microsoft\crypto\rsa\rsa.exe

%CommonAppData%\microsoft\crypto\rsa\s-1-5-18\s-1-5-18.exe

%CommonAppData%\microsoft\microsoft.exe

%CommonAppData%\microsoft\network\connections\cm\cm.exe

%CommonAppData%\microsoft\network\connections\connections.exe

%CommonAppData%\microsoft\network\connections\pbk\pbk.exe

%CommonAppData%\microsoft\network\network.exe

%CommonAppData%\vmware\vmware.exe

%CommonDesktopDir%\desktop.exe

%CommonDocuments%\documents.exe

%CommonFavorites%\favorites.exe

%CommonPrograms%\accessories\accessibility\accessibility.exe

%CommonPrograms%\accessories\accessories.exe

%CommonPrograms%\accessories\communications\communications.exe

%CommonPrograms%\accessories\entertainment\entertainment.exe

%CommonPrograms%\programs.exe

%CommonPrograms%\startup\startup.exe

%CommonTemplates%\templates.exe

%FontsDir%\lsass.exe

%MyDocuments%\backup.exe

%Profiles%\default user\application data\microsoft\microsoft.exe

%Profiles%\default user\cookies\cookies.exe

%Profiles%\default user\desktop\desktop.exe

%Profiles%\default user\favorites\favorites.exe

%Profiles%\default user\local settings\history\history.exe

%Profiles%\default user\local settings\temp\temp.exe

%Profiles%\default user\nethood\nethood.exe

%Profiles%\default user\printhood\printhood.exe

%Profiles%\default user\recent\recent.exe

%Profiles%\default user\sendto\sendto.exe

%Profiles%\default user\start menu\programs\programs.exe

%Profiles%\default user\start menu\programs\startup\startup.exe

%Profiles%\default user\templates\templates.exe

%Profiles%\localservice\application data\microsoft\microsoft.exe

%Profiles%\localservice\cookies\cookies.exe

%Profiles%\localservice\local settings\history\history.exe

%Profiles%\localservice\local settings\temp\temp.exe

%Profiles%\localservice\localservice.exe

%Programs%\startup\scan.com

%System%\1126\ctfmon.exe

%System%\backup.exe

%System%\c_44292k.com

%System%\caudio.exe

%System%\cmd.com

%System%\cmd-bro-kkx.exe

%System%\cmd-bro-klx.exe

%System%\cmd-bro-mkx.exe

%System%\cmd-bro-mlx.exe

%System%\cmd-brontok.exe

%System%\cmd-bro-pkx.exe

%System%\cmd-bro-plx.exe

%System%\cmd-bro-qmx.exe

%System%\cmd-bro-rkx.exe

%System%\cmd-bro-rlx.exe

%System%\cmd-bro-rmx.exe

%System%\cssrs.exe

%System%\dllcache\regedit32.com

%System%\dllcache\shell32.com

%System%\dllchache.exe

%System%\drivers\intel.exe

%System%\drivers\netdrv.exe

%System%\drivers\winlogon.exe

%System%\dvbern.exe

%System%\dvbetj.exe

%System%\dxblaa.exe

%System%\dxblac.exe

%System%\dxblad.exe

%System%\dxblaf.exe

%System%\dxblag.exe

%System%\dxblah.exe

%System%\dxblai.exe

%System%\dxblaj.exe

%System%\dxblak.exe

%System%\dxblal.exe

%System%\dxblam.exe

%System%\dxblan.exe

%System%\dxblao.exe

%System%\dxblap.exe

%System%\dxblaq.exe

%System%\dxblas.exe

%System%\dxblat.exe

%System%\dxblav.exe

%System%\dxblaw.exe

%System%\dxblax.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
%CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
%CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%CommonTemplates% is a variable that refers to the file system directory that contains the templates that are available to all users. A typical path is C:\Documents and Settings\All Users\Templates (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).