The Brontok Virus is a computer worm that affects computers running Microsoft Wi

ndows. It spreads by sending itself to email addresses harvested from the affect
ed computer. Brontok Virus came from Indonesia. When Brontok is first run, it co
pies itself to the user's application data directory. It then sets itself to sta
rt up with Windows, by creating a registry entry in the HKLM\Software\Microsoft\
Windows\CurrentVersion\Run registry key. It disables the Windows Registry Editor
(regedit.exe)and modifies Windows Explorer settings. It removes the option of "
Folder Options" in the Tools menu so that the hidden files, where it is conceale
d, are not easily accessible to the user. It also turns off Windows firewall. Va
riants of the Brontok worm include:
Brontok.A
Brontok.B
Brontok.C
Brontok.D
Brontok.F
Brontok.G
Brontok.H
Brontok.I
Brontok.K
Brontok.Q
- Start your computer in safe mode with command prompt and type the following co
mmand to enable registry editor:-
reg delete HKCUsoftwaremicrosoftwindowscurrentversionpoliciessystem /v "DisableR
egistryTools"
and run HKLMsoftwaremicrosoftwindowscurrentversionpoliciessystem /v "DisableRegi
stryTools"
- After this your registry editor will be enabled
- Now type explorer
- Goto Run and type regedit
- Then follow the following path :-
HKLMSoftwareMicrosoftWindowsCurrentversionRun
on the right side delete the entries which contain 'Brontok' and 'Tok-' words.
- After that restart your system
- Now open registry editor and follow the path to enable folder option in tools
menu
HKCUSoftwareMicrosoftWindowsCurrentversionPoliciesExplorer 'NoFolderOption'
delete this entry and restart ur computer
- Now search *.exe files in all drives (search in hidden files also)
remove all files which are display like as folder icon.