Troj/BrontDl-B

Category: Viruses and Spyware Protection available since:08 Mar 2006 00:00:00 (GMT)
Type: Trojan Last Updated:08 Mar 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/BrontDl-B is a downloading Trojan for the Windows platform.

Troj/BrontDl-B attempts to download and execute a file from a preconfigured location on the internet. Troj/BrontDl-B is a downloading Trojan for the Windows platform.

Troj/BrontDl-B attempts to download a file from a preconfigured location to <System>\dll\lsass.exec2u.bin and execute it.

At the time of writing, this file was unavailable for download.

When first run Troj/BrontDl-B copies itself to <System>\dll\lsass.exe.

The following registry entry is changed to run lsass.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
Explorer.exe "<System>\dll\lsass.exe"

(the default value for this registry entry is "Explorer.exe" which causes the Microsoft file <Windows>\Explorer.exe to be run on startup).

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy