Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
Published May 14, 2008 | Updated Sep 15, 2017

Worm:Win32/Brontok.W@mm

Detected by Microsoft Defender Antivirus

Aliases: Win32/Brontok.worm.49152.G (AhnLab) Worm/Brontok.I (AVG) Win32/Robknot.AK (CA) Win32/Brontok.CO (ESET) Email-Worm.Win32.Brontok.q (Kaspersky) W32/Ronokbro.gen@MM (McAfee) W32/Rontokbro.FS@mm (Norman) W32/Brontok.N.worm (Panda) W32/Brontok-Gen (Sophos) Email-Worm.Win32.Brontok.a (Sunbelt Software) W32.Rontokbro@mm (Symantec) WORM_RONTKBR.GEN (Trend Micro)

Summary

Worm:Win32/Brontok.W@mm is a worm that spreads via e-mail and removable drives. The worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it gathers from files on the infected computer. It can also copy itself to USB and pen drives. Win32/Brontok can disable antivirus and security software, immediately terminate certain applications, and cause Windows to restart immediately when certain applications run. The worm may also conduct Denial of Service (DoS) attacks against certain web sites.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, see http://www.microsoft.com/protect/computer/viruses/vista.mspx.
Follow us