ThreatExpert's Statistics for W32.Rontokbro@mm [Symantec]:

W32.Rontokbro@mm [Symantec] is also known as:

Threat Alias	Number of Incidents
W32/Rontokbro.gen@MM [McAfee]	4,473
WORM_BRONTOK.BA [Trend Micro]	4,069
PE_PARITE.A [Trend Micro]	4,000
Virus.Win32.Parite.b [Kaspersky Lab]	4,000
W32/Pate.b [McAfee]	4,000
Win32.Parite.B [PC Tools]	4,000
Worm.Brontok.Gen!Pac.3 [PC Tools]	3,913
Email-Worm.Win32.Brontok.n [Kaspersky Lab]	3,700
Email-Worm.Win32.Brontok.q [Kaspersky Lab]	356
WORM_RONTKBR.GEN [Trend Micro]	213
Worm.Brontok.Gen.1 [PC Tools]	106
Email-Worm.Brontok!sd5 [PC Tools]	95
W32/Brontok-BB [Sophos]	70
Worm:Win32/Brontok.BJ@mm [Microsoft]	70
Email-Worm.Win32.Brontok.A [Ikarus]	60
Email-Worm.Win32.Brontok.N [Ikarus]	57
W32/Brontok-K [Sophos]	53
I-Worm.Brontok.Gen.2 [PC Tools]	51
WORM_RONTKBR.D [Trend Micro]	51
Packed/MEW [PC Tools]	50
PE_SALITY.AS [Trend Micro]	50
Virus.Win32.Sality.q [Kaspersky Lab]	50
Win32.Sality.X [PC Tools]	49
Worm:Win32/Brontok.AF@mm [Microsoft]	49
I-Worm.Brontok.CU [PC Tools]	46
W32/MoonLight.worm [McAfee]	43
Email-Worm.Win32.Brontok [Ikarus]	36
WORM_RONTKBR.B [Trend Micro]	35
Worm.VB.WKJ [PC Tools]	28
WORM_MOONLIGHT.B [Trend Micro]	25
W32/Virut.gen [McAfee]	23
Worm.Win32.VB.cz [Kaspersky Lab]	23
Email-Worm.Win32.Brontok.a [Kaspersky Lab]	19
Virus.Win32.Virut.q [Kaspersky Lab]	17
W32/Brontok-N [Sophos]	15
Worm:Win32/Brontok@mm [Microsoft]	15
I-Worm.Brontok.CH [PC Tools]	14
I-Worm.Brontok.O [PC Tools]	14
Email-Worm.Win32.VB.co [Kaspersky Lab]	12
I-Worm.VB.ZUF [PC Tools]	12
WORM_MOONLIGHT.F [Trend Micro]	12
I-Worm.Brontok.EV [PC Tools]	10
Virus.Win32.Rontokbr.I2 [Ikarus]	10
WORM_RONTOKBRO.H [Trend Micro]	10
Generic.dx [McAfee]	8
PE_VIRUT.XO [Trend Micro]	8
PE_VIRUT.XP [Trend Micro]	8
Virus.Win32.Virut.o [Kaspersky Lab]	8
W32/Bobandy-D [Sophos]	8
Win32/Brontok.worm.45417 [AhnLab]	8
Email-Worm.Win32.Runouce.b [Kaspersky Lab]	7
PE_Chir.B [Trend Micro]	7
PE_VIRUT.XL [Trend Micro]	7
W32/Brontok-BZ [Sophos]	7
W32/Chir.b@MM [McAfee]	7
Worm.Brontok.EW [PC Tools]	7
I-Worm.Brontok.AN [PC Tools]	6
I-Worm.Brontok.ER [PC Tools]	6
Possible_RONTK [Trend Micro]	6
W32/Brontok-D [Sophos]	6
W32/Brontok-Gen, Mal/Packer, Mal/EncPk-BA [Sophos]	6
Worm.Win32.VB.cz [Ikarus]	6
Email-Worm.Win32.Brontok.c [Kaspersky Lab]	5
I-Worm.Brontok.BG [PC Tools]	5
I-Worm.Brontok.DE [PC Tools]	5
W32/Brontok-Gen, Mal/EncPk-BA [Sophos]	5
W32/Brontok-Gen, Mal/Heuri-D, Mal/EncPk-BA [Sophos]	5
W32/Brontok-W [Sophos]	5
W32/Vetor-A [Sophos]	5
Win32/Brontok.worm.45120.V [AhnLab]	5
Win32/Brontok.worm.81920.E [AhnLab]	5
Worm:Win32/Lightmoon.G [Microsoft]	5
Email-Worm.Win32.Brontok.s [Kaspersky Lab]	4
I-Worm.Brontok.EP [PC Tools]	4
I-Worm.Brontok.GE [PC Tools]	4
JS.Chir.B [PC Tools]	4
TROJ_MALM9T.A [Trend Micro]	4
W32/Brontok-B [Sophos]	4
W32/Brontok-X [Sophos]	4
W32/Chir-B [Sophos]	4
Worm.Brontok.CC [PC Tools]	4
Worm.VB!sd5 [PC Tools]	4
Worm.VB.YFU [PC Tools]	4
Worm:Win32/Brontok.GA@mm [Microsoft]	4
WORM_BRONTOK.A [Trend Micro]	4
Email-Worm.Brontok.Q [PC Tools]	3
Email-Worm.Win32.Brontok.f [Kaspersky Lab]	3
I-Worm.Brontok.CE [PC Tools]	3
I-Worm.Brontok.CF [PC Tools]	3
I-Worm.Brontok.CY [PC Tools]	3
I-Worm.Brontok.R [PC Tools]	3
Mal/EncPk-BA [Sophos]	3
Mal/Generic-A [Sophos]	3
Mal/VB-F [Sophos]	3
PE_TENGA.A [Trend Micro]	3
Virus.Win32.Tenga.a [Kaspersky Lab]	3
Virus:Win32/Chir.B@mm [Microsoft]	3
W32/Brontok-CH [Sophos]	3
W32/Brontok-G [Sophos]	3
W32/Gael.worm.a [McAfee]	3

W32.Rontokbro@mm [Symantec] has the following possible countries of origin:

Origin		Number of Incidents
	Germany	2
	France	1

W32.Rontokbro@mm [Symantec] is known to be created as:

%AppData%\br6657on.exe

%AppData%\csrss.exe

%AppData%\dv6173880x\yesbron.com

%AppData%\inetinfo.exe

%AppData%\jalak-931738815-bali.com

%AppData%\lsass.exe

%AppData%\microsoft\dfreeze.exe

%AppData%\services.exe

%AppData%\smss.exe

%AppData%\svchost.exe

%AppData%\winlogon.exe

%CommonDocuments%\dfreeze.exe

%MyDocuments%\backup.exe

%System%\005165423741l.exe

%System%\005265433751l.exe

%System%\006265434852l.exe

%System%\016276878205l.exe

%System%\116276534852l.exe

%System%\116276534862l.exe

%System%\127387645063l.exe

%System%\16276878205l.exe

%System%\227487655073l.exe

%System%\227487656073l.exe

%System%\238408756174l.exe

%System%\330508767285l.exe

%System%\338508767184l.exe

%System%\340510867285l.exe

%System%\440510867205l.exe

%System%\440510867285l.exe

%System%\440610423741l.exe

%System%\440610867205l.exe

%System%\451621078306l.exe

%System%\45162178306l.exe

%System%\5165423741l.exe

%System%\551721088316l.exe

%System%\55172188316l.exe

%System%\562732180417l.exe

%System%\6265434852l.exe

%System%\662732180427l.exe

%System%\662732201528l.exe

%System%\662832100427l.exe

%System%\673843201528l.exe

%System%\773043212538l.exe

%System%\784054312630l.exe

%System%\884054867285l.exe

%System%\884154322640l.exe

%System%\885154323741l.exe

%System%\backup.exe

%System%\c_44292k.com

%System%\cmd.com

%System%\cmd-bro-kkx.exe

%System%\cmd-bro-klx.exe

%System%\cmd-bro-lmx.exe

%System%\cmd-bro-mkx.exe

%System%\cmd-bro-mlx.exe

%System%\cmd-brontok.exe

%System%\cmd-bro-pkx.exe

%System%\cmd-bro-plx.exe

%System%\cmd-bro-qmx.exe

%System%\cmd-bro-rkx.exe

%System%\cmd-bro-rlx.exe

%System%\cmd-bro-rmx.exe

%System%\drivers\etc\host.com

%System%\drivers\winlogon.exe

%System%\dvbern.exe

%System%\dvbetj.exe

%System%\dxblaa.exe

%System%\dxblac.exe

%System%\dxblad.exe

%System%\dxblaf.exe

%System%\dxblag.exe

%System%\dxblah.exe

%System%\dxblai.exe

%System%\dxblaj.exe

%System%\dxblak.exe

%System%\dxblal.exe

%System%\dxblam.exe

%System%\dxblan.exe

%System%\dxblao.exe

%System%\dxblap.exe

%System%\dxblaq.exe

%System%\dxblas.exe

%System%\dxblat.exe

%System%\dxblav.exe

%System%\dxblaw.exe

%System%\dxblax.exe

%System%\dxblay.exe

%System%\dxblaz.exe

%System%\dxblba.exe

%System%\dxblbc.exe

%System%\dxblbe.exe

%System%\dxblbf.exe

%System%\dxblbh.exe

%System%\dxblbj.exe

%System%\dxblbk.exe

%System%\dxblbl.exe

%System%\dxblbm.exe

%System%\dxblbo.exe

%System%\dxblbq.exe

%System%\dxblbt.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).