The file EKSPLORASI.EXE is a computer worm.
The worm EKSPLORASI.EXE is a self-replicating malicious program,
which uses a computer network to send copies of itself to other computers.
You must fix the EKSPLORASI.EXE problem as soon as possible!
Delete the file EKSPLORASI.EXE from all infected computers in your network.
Set up your network firewall against EKSPLORASI.EXE intervention.
Malware Analysis of EKSPLORASI.EXE
Full path on a computer:
Removal Results: Success
Number of reboot: 1
EKSPLORASI.EXE is known as:
Worm.Brontok.CB, W32.Brontok.Q, Trojan.Dropper, EmailWorm, W32.Brontok.q, Trojan.Alman.bdbarl, W32.Backdoor.HCD, W32.Rontokbro@mm, Rontokbro, Win32.Robknot.V, WORM_RONTOKBRO.R, Win32:Brontok-DF [Wrm], Stration, Worm.Brontok.C, Email-Worm.Brontok.q, I-Worm.Brontok.DL, Trojan.Agent.Gen-FakeSec, Worm.Brontok.CB (B), Worm.Brontok.W, Worm.Brontok.a, W32.Brontok-CT, I-Worm.Brontok.ho, Worm.Brontok.a.(kcloud), Worm.Brontok.AB@mm, I-Worm.Brontok.42089, Win32.Brontok.worm.42089.B, W32.Backdoor.GOJG-2943, SIM.Trojan.VBO.0192, Email-Worm.Brontok.sd5, Win32.Brontok.W, Trojan.Mnless.dyr, Email-Worm.Brontok, W32.Brontok.A@mm, Worm.Brontok.FE, W32.Brontok.IE.worm
EKSPLORASI.EXE hash:
- MD5: 053dd269a3ed1ef44f0ab04599d5dffd
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Bron-Spizaetus: “”%WinDir%\ShellNew\bronstab.exe”"
- HKLM\System\CurrentControlSet\Services\Schedule\AtTaskMaxHours: 0×00000048
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Tok-Cirrhatus: “”%Local Appdata%\smss.exe”"
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “Explorer.exe “%WinDir%\eksplorasi.exe”"
- HKLM\System\CurrentControlSet\Services\Schedule\NextAtJobId: 0×00000002
Folders:- %Local Appdata%\Bron.tok-10-6
Files:- %Local Appdata%\csrss.exe
- %Local Appdata%\inetinfo.exe
- %Local Appdata%\ListHost10.txt
- %Local Appdata%\lsass.exe
- %Local Appdata%\services.exe
- %Local Appdata%\smss.exe
- %Local Appdata%\winlogon.exe
- %Startup%\Empty.pif
- %Profile%\Templates\WowTumpeh.com
- %WinDir%\SHELLNEW\bronstab.exe
- %SysDir%\Administrator’s Setting.scr
- %WinDir%\Tasks\At1.job
- %WinDir%\eksplorasi.exe