- Cant change my homepage
- Connects to the internet without permission
- Installs itself without permissions
- Slow Computer
- Slow internet connection
- System crashes
Worm:Win32/Brontok.BG@mm is a mass-mailing worm and it implies that it is a self-replicating computer threat, that can clutter your network and your system to the point it might become no longer operable. Just as its name suggests, Worm:Win32/Brontok.BG@mm spreads via email that makes use of SMTP engine to send itself away to target mailboxes. Since it uses SMTP engine to spread there are no traces of the sent emails in the user’s outgoing or sent email folders. Thus the user becomes a part of Worm:Win32/Brontok.BG@mm’s distribution system without even realizing it.
Emails are not the only mean of “transportation” for Worm:Win32/Brontok.BG@mm. This worm can also easily copy itself to removable USB flash drives. When this threat is executed it creates a separate folder, because just like all worms, it does not infect a particular file. Instead, Worm:Win32/Brontok.BG@mm downloads a text file onto that folder from a remote website. It means that the worm connects to the Internet without your knowledge or permission. Not to mention that Worm:Win32/Brontok.BG@mm also copies itself to various folders and adds different file extensions to itself, such as .exe, .com or .pif. It is also hard to tell the worm file apart, because it makes use of the same name as legitimate Windows system files, for example, csrss.exe, winlogon.exe or smss.exe.
Usually Worm:Win32/Brontok.BG@mm can be found in a “new folder” that it creates for worm files. It should be noted that this worm is one of the variants of a huge Win32/Brontock worm family, so if there this Worm:Win32/Brontok.BG@mm in your system, you should consider the probability of being infected with other version of this worm as well. They all use the same tactics to infect the target computer and spread further, namely – once the user click on the “new folder” created by the worm to check for its contents, the worm file is run although on the surface it only looks like a new Explorer window for another folder is opened.
Even though Worm:Win32/Brontok.BG@mm does not cause any direct harm to your system, little by little it can take over your bandwidth and perform various malicious actions using your computer as the launch point. It can also significantly slow down the system and steal a great chunk of your bandwidth. Therefore, it is extremely important that you remove Worm:Win32/Brontok.BG@mm from your system the moment you detect the infection. Since there are so many files related to this worm it would be more efficient to get rid of the worm automatically with a legitimate antimalware application. Delete Worm:Win32/Brontok.BG@mm the moment you get your hands on the security tool of choice and make sure that your system’s door is barred to similar infections.