Win32.Brontok.AP@mm
Threat Scorecard
Ranking: 10,679
Threat Level: 10 % (Normal)
Infected Computers: 154
First Seen: March 8, 2012
Last Seen: August 9, 2023
OS(es) Affected: Windows
Win32.Brontok.AP@mm belongs to the Brontok family of worms, which have been one of criminals' preferred malware-delivery methods since they first appeared in 2006. Win32.Brontok.AP@mm in particular has been linked to a Trojan infection that hides the victim's files in an attempt to convince the computer user to purchase a useless, bogus hard disk repair utility. ESG security researchers consider any infection involving Win32.Brontok.AP@mm or other members of the Brontok family to be severe, and such infections should be removed immediately with the aid of a reliable anti-malware program.
Symptoms of a Win32.Brontok.AP@mm-Related Malware Infection
There are many variants of the Win32.Brontok.AP@mm worm, and the symptoms necessarily change from one case to the next. Some symptoms that have been linked to this malware infection include the following:
- Applications close immediately after starting up, or Windows reboots when you try to launch an application, particularly a security-related program.
- Certain websites become inaccessible, or security software cannot be updated.
- Folder options cannot be modified through Windows Explorer. This is particularly nasty when Win32.Brontok.AP@mm is associated with a hidden-files fraud Trojan, since the victim cannot change the files' attribute back from hidden.
- Essential Windows components related to malware removal become disabled, such as the command shell, System Restore, Task Manager and the Windows Registry Editor.
As you can see, the Win32.Brontok.AP@mm worm is designed not only to deliver malware, but also to make malware infections more likely to take hold and much more difficult than normal to remove from the infected computer system.
Understanding the Win32.Brontok.AP@mm Family of Worms
Win32.Brontok.AP@mm is a worm that tends to spread from removable memory drives. Win32.Brontok.AP@mm is also able to send out mass emails from the infected computer's email address to all of that email account's contacts. These email messages help spread Win32.Brontok.AP@mm from one computer to another. Win32.Brontok.AP@mm creates a folder and connects to the Internet in order to download a text file into that folder. It copies itself several times, using several different extensions (including EXE, PIC, SCR, and COM). The file names that the Win32.Brontok.AP@mm worm uses tend to be the same as those of common Windows system files, such as lsass, csrss, smss, services and winlogon. One of the ways in which the Win32.Brontok.AP@mm worm makes it more likely that the computer user will open it is by using the Windows 'New Folder' icon, making it seem as if it is a directory rather than an executable file.
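The naming behaviour described above can be turned into a simple triage check over a file listing. The following is an added example, not code from EnigmaSoft or from this page; it assumes Windows is installed in C:\Windows and that the genuine system binaries exist only as .exe files directly in System32, and the sample paths are constructed.

```python
from pathlib import PureWindowsPath

# Names and extensions taken from the description above.
SYSTEM_NAMES = {"lsass", "csrss", "smss", "services", "winlogon"}
COPY_EXTS = {".exe", ".pic", ".scr", ".com"}


def classify(path, windows_dir=r"C:\Windows"):
    """Return a reason string if the path looks like a masquerading copy, else None.

    Assumption: the legitimate files are <windows_dir>\\System32\\<name>.exe only.
    """
    p = PureWindowsPath(path)
    base = p.name.lower().split(".")[0]   # "csrss" for "csrss.exe" or "csrss.txt.scr"
    ext = p.suffix.lower()                # final extension decides how Windows runs it
    if base not in SYSTEM_NAMES or ext not in COPY_EXTS:
        return None
    if ext != ".exe":
        return "system file name with non-EXE executable extension"
    # PureWindowsPath comparison is case-insensitive, like the file system.
    if p.parent != PureWindowsPath(windows_dir) / "System32":
        return "system file name outside System32"
    return None


def scan(paths, windows_dir=r"C:\Windows"):
    """Return [(path, reason)] for every suspicious entry in a file listing."""
    hits = []
    for path in paths:
        reason = classify(path, windows_dir)
        if reason:
            hits.append((path, reason))
    return hits


# Constructed sample listing (not real telemetry).
SAMPLE_LISTING = [
    r"C:\Windows\System32\lsass.exe",
    r"C:\WINDOWS\system32\winlogon.exe",
    r"C:\Users\alice\AppData\Local\smss.exe",
    r"E:\winlogon.scr",
    r"C:\Windows\System32\services.com",
    r"C:\Windows\csrss.exe",
    r"C:\Users\alice\Documents\report.exe",
]

if __name__ == "__main__":
    for path, reason in scan(SAMPLE_LISTING):
        print(f"{path}: {reason}")
```

A hit is a lead for investigation rather than a verdict; confirm it with the file's signature and hash before acting on it.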