Saturday, March 20, 2010

Brontok From The I-worm Family

What is Brontok? It’s a virus that emanates from the I-worm family. The virus is spread via the network so basically all the computer in a single network will be infected immediately once the infected PC connects into the network. What it does is creating new files which looked like a folder but its actually a .exe file. Unless you’ve enabled the view extensions in the folder options or else you won’t see the .exe extension of the file. The files are approximately 43.7Kb each and normally people will click to open them because they looked like a folder. So after you’ve open it, the virus will run each time during start up and continues spreading and spreading… into the hard drives.

More problems will eventually come up. usually when you click “Tools” in explorer, there’s a “folder options” below it. Once the PC is infected with the virus, the Folder Options will be missing, which disabled you to change the options to view the extension of the files. So when you see a new folder appeared from elsewhere and you clicked to open it out of curiosity, the virus spread more again. Moreover, the virus disabled the registry edit where this message will be seen “Registry edit is disabled by the administrator” every time you try to edit the registry.

No comments:

Post a Comment