- Block exe files from running
- Cant change my homepage
- Connects to the internet without permission
- Installs itself without permissions
- Normal system programs crash immediatelly
- Shows commercial adverts
- Slow Computer
- Slow internet connection
- System crashes
Worm.Brontok@mm is a worm that is classified as mass-mailer (as it can be seen from the "mm" at the end of its name). Mass mailing worms like Worm.Brontok@mm spread on their own accord by attaching themselves to emails sent to multiple addresses. The worm gathers this information on the addresses from the infected computer and so it spreads further. However, it is also possible for this worm to spread via USB drives. Despite the fact that Worm.Brontok@mm does not infect system files directly, it can suddenly terminate various programs, and force Windows to reboot once a particular program is run. Worm.Brontok@mm is also capable of launched a Denial of Service attack against certain websites.
Do not be surprised if you cannot run Windows Task Manager and the Registry Editor as well - Worm.Brontok@mm can successfully kill these system tools. And it can easily hide itself from you. It happens, because the worm drops a few copies of itself in various folders. These filed are named differently and all of them have different extensions, including: .com, .exe, .pif and so on. Therefore, on the outside it may look as though the infection files are actually harmless, legitimate files, for example, Worm.Brontok@mm's files look exactly like Windows system files - lsass.exe, csrss.exe, winlogon.exe etc.
Just like most of the worms Worm.Brontok@mm saves malicious code files under the "new folder" icon. It might look like a new folder, but in reality it is a malicious worm file, so when a user clicks on it, he or she involuntarily initiates the Worm.Brontok@mm infection. However, the user will probably not notice that the infection has taken place, because Worm.Brontok@mm opens a new folder window on purpose, to make it look like it really is just an empty new folder.
As far as the email messages that deliver Worm.Brontok@mm to the target system are concerned, their characteristics are different. There might be messages with no subject and no message body. In such case the malicious attachment is usually called kangen.exe. Other emails might have political or commercial messages in Indonesian and English with attachments photo.zip or Sample_Picture.zip. Either way it is clear that the user should not open those attachments otherwise the Worm.Brontok@mm infection is imminent.
Removing this worm might also present some problems, because it works so deep at the system level. Therefore, it is best to remove Worm.Brontok@mm with a computer antimalware program that you can acquire on the Internet. The program of choice will make sure that Worm.Brontok@mm does not regenerate, and at the same time your system will be safeguarded against similar infections.