Brontok or Rontokbro is a powerful computer virus that comes from Indonesia. Although this virus is quite old but there are still a lot of computers infected by Brontok virus because the of the capability of spreading itself through network or USB and the difficulty in removing it once the computer has been infected. Some of the built-in diagnostic utility such as the Registry Editor (regedit.exe), System Configuration (msconfig.exe) and Command Prompt (cmd.exe) are disabled and any attempt in running these tool will automatically restart the computer. Even the Folder Options icon from Control Panel and from the Tools menu at Explorer are removed. The biggest problem is Brontok can disable and corrupt most of the popular antivirus program, making it nearly impossible to be removed from the computer.
Other than resorting to formatting the hard drive to reinstall a clean copy of Windows or using rescue disk which could take hours to scan your computer, you can try some of the free Brontok removal tools to attempt in cleaning up the infection. These tools are very small in size and is normally fast in detecting Brontok’s presence and effective in removal.
Here are 8 free removal tools you can use to easily remove Brontok virus.
1. Kaspersky Brontok Removal Tool (kwlk)
This removal tool by Kaspersky scans the known registry location and memory for Brontok’s presence when it is ran. You can scan the local drives by appending the /s switch with the program, for example kwlk.com /s in command prompt.
Download Kaspersky Brontok Removal Tool
2. CleanBrontok
CleanBrontok is a free and portable tool that claims to detect and remove all variants of Brontok worm. This tool is from Proland Software, a company that develops their own antivirus software called Protector Plus. Just run the executable file and click the Scan button. It scans the whole hard drive and make take slightly longer to complete if compared to other Brontok removal tools.
3. BitDefender Brontok Removal Tool
Bitdefender, a well known antivirus company also has their own Brontok removal tool at only 38KB in size. Running the program will instantly start scanning important areas on the system such as running process, memory, startup and services files. Click the Scan button to start scanning the hard drive for any files that belongs to Brontok.
Download BitDefender Brontok Removal Tool
4. CaSIR
CaSIR which is short for Common and Stubborn Infections Remover. This tool used to be a shareware but has turned into a freeware. From our experience, CaSIR is very effective in removing viruses that most antivirus fails to remove. Just click the Scan button and it will prompt to restart the computer when it has finished cleaning up.
Important Note: The User Account Control (UAC) MUST be disabled in order for this program to fully perform the cleanup or else you’d end up with an infinite loop of reboot.
5. Brontok Washer
We’ve had huge success with Brontok Washer cleaning up Brontok infections. However, newer variants of Brontok virus has some sort of protection against this tool and may block it from running. Other than that, it only works on XP. If you click the Scan button on Windows Vista/7, the computer will instantly get a blue screen of death.
6. BRONTOKREMOVAL Tool
This Brontok cleaner tool is by Security Stronghold and it requires installation and a one time downloading of the latest virus definition. It scans the hard drive and is quite slow. During testing it wrongly detected the Windows Calculator as infected by Brontok when it is clean. Supports Windows 7.
7. Sophos BRONTGUI
This is probably the most popular brontok cleaners of all by Sophos. Click the Start Scan button and it tries to locate files, registry entries and processes that are infected by Brontok and automatically attempts to remove it. Take note of the additional advices provided by BRONTGUI after scanning to make sure that your computer is fully removed from Brontok worm.
8. Quick Cleaner for Brontok
Quick Cleaner for Brontok is one of the earliest removal tool that targets Brontok virus. However it was never updated to detect the newer variants and it doesn’t work on Windows Vista/7 as well. Clicking the kill virus button will cause a BSOD like Brontok Washer.
Download Quick Cleaner for Brontok
Due to multiple variants of Brontok virus that has been released into the wild, it is advisable to try all the removal tools listed above to achieve a higher chance in fully removing Brontok from your system. Make sure you run them one at a time and not all at the same time. You should avoid using the removal tools that are not compatible with Vista/7 if your system is running that operating system. If none of the tools above managed to remove Brontok from your computer, your last resort is to use an antivirus rescue disk which will surely remove all of the viruses from your system including Brontok. After removing Brontok, you can use Remove Restrictions Tool to re-enable the disabled regedit, task manager, command prompt and etc.
thnx a lot bro!!!!!!!
you saved my PC!!!!!
thank you very muchooooo
Well if u want to “kill” it, just make a new profile (because it’s in the “local” folder) and delete your old (ofc save your things ,but then let the os. to remove the old profile completely), it’s recomended to restore the registry ,then you can acces to “folder options”… again.
This can “kill” 99% of the viruses which aren’t in the windows folder.
the easiest would probably to download windows essentials and itll take less then 10 minutes to download and get rid of the brontok virus.
well I’ve learn t something new on the removal of brontok virus. I hope to learn more about this virus. thanks
first use avast version 4.8(startup scanning) and after to clean the registry use Trojan Remover at simplysup.com like Jin said in previous topic…
thx a lot man, kav brontok remover me :DD
oh…so u all want a program to delete the virus…..then use ESET NOD32…..it has anti-STEALTH technology….STEALTH technology is the one that causes antiviruses to avoid detecting those brontok files……be sure to get an updated virus database so that it can detect new variations of the brontok virus……there are also antiviruses that work like NOD32……
thanks you so much for your anti-virus. that was very helpful to me.
AVG 8.5 try it! (100% sure)
lemme knw when u succes killin it!
Hi there,
I just want to share my experience to remove brontok virus and family. I say that because that virus have developed until now. Since that virus only can lock msconfig (System configuration utility) and regedit (Registry editor) until it can running on safe mode.
Really annoyance virus. But still that virus have weakness. It can\\\’t run in Safemode with command prompt only. So you can remove it at that safemode.
Don\\\’t use other safemode because at earlier version that virus still can run actively. This is step by step for removing brontok virus or whatever that names.
1. reboot your computer and enter into safemode with command prompt only. You can enter to this mode with pressing F8 while boot menu displayed.
2. click start menu –> run
3. type msconfig –> press enter
4. click Startup tab and uncheck unknown software like empty.pif, autorun.ini, and suspicious software in list.
5. click OK and don\\\’t restart the computer.
6. click start menu –> run
7. type regedit –> press enter
8. browse to HKLM\\\\Software\\\\Microsoft\\\\Windows\\\\CUrrentVersion\\\\Run,HKLM\\\\Software\\\\Microsoft\\\\Windows\\\\CUrrentVersion\\\\RunOnce and HKLM\\\\Software\\\\Microsoft\\\\Windows\\\\CUrrentVersion\\\\RunOnceEx
9. browse to HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Run
10. for 8 and 9, you must find String with value = \\\”MSCONFIG\\\” and delete it
11. reboot your computer
12. scan your computer with Ansav antivirus at this link uploaded.to/?id=xlhowo
try it.
I used a light weight software to get rid of BRONTOK along with some other things the heavy anti virus(es) might not detect:
It’s called REMOVEIT and it’s free.
My Office\\\’s computer was infected by that virus. All files was empty in folder.
I had discussion with board this morning but all important files including office financial and proposal that I prepared since 2 weeks ago was gone!!
My boss was very angry to me. He said I\\\’m lazy workers, come to play. he want to see what kind my thumb drive it is, when he put in their laptop and click that files in his laptop, nothing was happen.
That file can\\\’t open, he delete that file but a second later, that f**king file was appear again.
My bos said \\\”Shit!\\\” their was infected also. My boss cann\\\’t open their \\\”folder option\\\” to find their personal backup but folder option cant find in \\\”control panel\\\” I said him to try \\\”find & search\\\” application but can\\\’t found it, everything their personal file is also gone..
Laptop was very slow, he had prepared the presentation at ealier time, he still editing their ms power point. He very frustered and click \\\”Alt+Ctrl+Del\\\” to see what programme was running, but automatically his laptop was restart without saving their files.
His face was red color, Office\\\’s PC was infected also with this brontok virus, then I tried to reformat it. There are still some folders that cannot be deleted even after formatting.
My flash drive was also infected, then I tried to scan it with AVG, Norton and McAfee, the scanning declared that the flash drive had no virus, but there all the folders cannot be detected by the computer. In some other PC it can be seen what the folders are in very shaded.
What is this so. I had tried to format the flash drive and there are still some files that are still there.
He call the IT technician, they said can do it better but, this technician was format all including Windows programme.
Now I am free.. Free Man..
I got a resignation letter from my bos and throw my laptop into my office\\\’s dustbin.
use windows’ MRT.exe, commonly known as the malicious software removal tool. the brontok worm cannot disable this. i dont know why…
i had this issue for months, i was able to remove it using superantiapyware. installed this program is normal mode then went safe mode. scanned my computer then removed it all. just go to their website superantispyware.com
I used to get the same bontok window, which when deleted/closed used to close the explorer rendering all my work getting lost. so i have located the explorer file in my picture folder and only changed it to open with notepad. now a seperate programe window opens which i close and we are both happy. i still want to delete it permanantly if someone gives me a easy way out.
I am a senior IT systems administrator. I have run into this virus that infected an entire network and I have fully removed the virus from all pc’s. Here’s the manual removal instructions. Be careful, this post is for advanced users that must know what they are doing.
Brontok Virus Manual Removal Instructions
1. Disconnect your computer from the network and disable file sharings, if any exist on the pc.
2. Disable System Restore (for Windows XP/Windows Me only).
For Windows XP:
a. Click Start.
b. Right-click My Computer, and then click Properties.
c. Click the System Restore tab.
d. Select Turn off System Restore or Turn off System Restore on all drives check box.
3. Start your machine in Safe mode. Reboot and repeatedly press F8. If you cannot boot into safe mode, you should still be able to get rid of the virus, however, safe mode is recommended.
4. Update the anti-virus software for any latest updates.
5. You will have to use the regedit function to remove a lot of infected/newly created values in the registry.
6. Click Start>Run. Then type regedit, click OK.
7. If the registry editor fails to open, the threat may have modified the registry to prevent it from opening. You can use a tool to resolve this problem:
a. You will need to use Internet Explorer to download this file.
b. Go to symantec.com/security_response/writeup.jsp?docid=2004-050614-0532-99 and download the UnHookExec.inf file at the bottom of the page. (you will have to download this file on another pc and save it on a drive and move it over to the infected pc)
c. Once you have put this file onto the infected pc’s Desktop, Right-click the file and click Install. You won’t really notice anything happen, however, this will enable the regedit function.
8. Once you can use the regedit function check to see if there is a scheduled task named A1 or something along those lines (scheduled to run at 5:08pm) in All Programs\Accessories\System Tools\Scheduled Tasks. If you can’t reach that location try: Control Pannel in classic view and look for the Scheduled Tasks icon/folder. Delete the task.
9. Next, before going ahead and deleting anything in the registry. You will need to use this German Brontok Removal tool
10. Click on the link that says: PenawarB.exe and save the file.
11. Once the file has been saved to the infected pc’s Desktop
a. Double click the file, click Run
b. In the bottom right hand corner click the button that says: Percubaan Percuma!
c. On the next screen click on the button on the left that says: Tidak mengapa, saya hendak cuba dahulu…
d. On the next screen click the button that says: Scan sekarang!
e. Once the tool has run it will show the location of all of the infected files
f. Click the button that says: Buang ! & Repair to delete the infected files
g. Note: This tool is free so when you click Repair it will delete all of the files except for 10 of them. For the remaining 10 you will have to take not of the infected files’ locations and manually delete them. Also, if there are less than 10 files that are infected to begin with you will have to manually delete all of them.
12. Once this is done follow the instructions below on deleting all other files and registry values. This step is very important and crucial to the final removal of the virus!
The worm may use various methods to run automatically each time Windows starts. Automatic startup methods that the worm employs may include:
• Placing a copy of itself in the user’s startup folder, i.e. %homepath%\Start Menu\Programs\Startup\Empty.pif. Delete the file.
• Adding a scheduled task to run %homepath%\Templates\A.kotnorB.com each day at 5:08 pm. Also check to see if there is a scheduled task named A1 or something along those lines in All Programs\Accessories\System Tools\Scheduled Tasks. If you can’t reach that location try: Control Pannel in classic view and look for the Scheduled Tasks icon/folder. Delete the task.
• Adding a registry value: “Tok-Cirrhatus”
With data:
In subkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run. Delete the key.
• Adding registry value: “Bron-Spizaetus”
with data:
in subkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Delete the key.
• Adding registry value: Shell
with data: “explorer.exe ”
in registry subkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\WinLogon. Delete the key.
• Modifies registry value: AlternateShell
with data:
in registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
Note: the default setting for this key is “AlternateShell”=”cmd.exe”
Win32/Brontok may attempt to lower security settings by making the following changes:
• Prevents the user from accessing the Registry Editor by making the following registry edit:
Adds value: DisableRegistryTools
With data: 1
In subkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System. Change the Data to 0.
• Prevents the display of files and folders with the ‘hidden’ attribute set:
Adds value: Hidden
With data: 0
In subkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced. Change the Data to 1.
• Prevents the display of Windows system files:
Adds value: ShowSuperHidden
With data: 0
In subkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced. Change the Data to 1.
• Prevents the display of executable file extensions:
Adds value: HideFileExt
With data: 1
In subkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced. Change the Data to 0.
• Prevents access to the Folder Options menu:
Adds value: NoFolderOptions
With data: 1
In subkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer. Change the Data to 0.
• Modifies the Windows HOSTS file to prevent access to certain Internet sites, the majority of which are antivirus or security-related.
• Attempts ping attacks against certain Web sites, presumably to launch a form of denial of service (DoS) attack.
• Terminates applications or restarts Windows when the title of the active window contains certain strings, many of which may be representative of antivirus or system tools that might ordinarily be used to detect or remove the worm.
• Overwrites the autoexec.bat file with the word “pause”, causing systems that employ the autoexec.bat file to pause on bootup. Some variants of Win32/Brontok may modify the autoexec.bat in order to display a message during bootup.
13. You will also want to go into msconfig. Start>Run, type msconfig. And disable any startup items (under the startup tab) that look suspicious; you may have to run an internet search to determine which are normal processes and which may be a threat.
14. Once this has been done, restart the pc, and check over everything in the following order:
a. make sure the scheduled task is no longer there
b. make sure you can open regedit
c. re-run the scanner for any infected files. If it finds anything delete them, restart the pc, and then re-run the scanner and delete files until nothing shows up again.
d. Make sure the registry is back to normal and that you can view hidden files and folders.
my hpcompaq nx9010 laptop is infected by baca bro virus, when i restart it gives a continious sound and login becomes after five or more trials, during opening any files the virus closes it immidately, to open satrt run it runs mmmmmmmmmmmm this letter immidately just like this. press escp during start it shows removable but i cant change from the HDD or CD ROM b/s all the fuction keys are disabled by the virus. b/s of this i can’t format it so what is the probable solution to clean my labtop from the baca bro virus.
thanks.
Hi, I also have the brontok virus, I think I picked it up on my USB when I was using the internet when travelling.
It has infected my computer and without knowing that I had the virus, I backed up all the files onto an external hard drive.
So how can I check that my external hard drive has/hasn\’t got the virus? Should I get rid of the virus on the computer first and then try running anti virus when I plug in the external hard drive or would that just re-infect the computer?
Thank you.
Norman Security Suite did a good job as well..
Hi Guys,
I want share solution to destroy or delete or remove the virus Brontok.A 16. Steps Below
1. Boot in safe mode with networking (Press F8 or F2 to get in safe mode options). Because Brontok will not allow system to browse any antivirus software web page.
2. Go to web page
microsoft.com/security/malwareremove/families.mspx
3. You will find Malicious Software Removal Tool in the right hand side. Download and save it desktop.
4. Run the file and pls do full scan virus.
5. Scanning process will take couple of hours. Relax ur self.
6. The software scans everything and it will delete all the infected files.
7. Click Finish and restart the computer normal booting.
8. Now u will be able to open MSCONFIG and folder options.
I hope the above steps will remove Brontok virus in ur system..
my computer wont let me get on internet explorer or fire fox only aol but it say that all the files are 2 big 4 aol wht should i do any help i also got my task manager back plus my regdeit any sugestions ray mond any 1
Grazie mille sto tentando di cancellare il virus con uno dei programmi elencati…però non capisco perchè tutti scrivono i verbi incorretti…ahaha ciao
thanks a lot for teaching me on how to remove brontok in my pc…i want to advise people on how to safe from pc viruses particulary brontok
1 is to avoid uses of many flash disc in a computer
2 is to up date the ant virus in comuter
OK
STAY SAFE
GREAT WORK
i’ve tried everything now right down to nod32 antivirus, it seems to say everything is threat free, how can i be sure???!!!
Thnx a tonn!!!!!!!!
I’ve been fighting with this virus tooth and nail. It just woud’nt allow me to do any thing. Finally I installed NOD 32 antivirus(trail version) and it worked wonders for me. BRONTOK is now a thing of past in my comp. Finally nailed that damn thing.
Thank you!!!!
My PC is free now. ;)
Croatia, Europa
I couldn’t get any AV product to remove the Brontok virus as it automatically detects certain keywords and programs and shuts down the PC before it can be removed.
If possible, remove the hard drive on which the virus is present. Connect it to another computer that has AVG installed and run the AV software from the second computer. You can specify the scan path so that only the corrupted hard drive is scanned.
Once done, replace the hard drive in the original computer and then run the registry restore program to gain access to the registry again.
Good Luck!
GOD this worm is awful and annoying.
Thank goodness for Brontok Washer.
Thanks a million to the person who posted this thing. C=
Trend Micro.. Securing your webworld.
Sir, when my pc have brontok virus i have copied some
important file into a dvd.now i m formating my harddrive.
If,in future i use that dvd in my pc will it again cause brontok virus for my pc or not?plz give me a solution……………
Please help me get rid of this Brontok…it is located in these files:
c:\windows\system32\cmd-brontok.exe
c:\windows\shellnew\rakyatkelaparan.exe
c:\windows\kesenjangansosial.exe
hkey_local_machine\software\microsoft\windows\currentversion\runvalue:bron-spizaetus
hkey_current_user\software\microsoft\windows\currentversion\runvalue:tok-cirrhatus
c:\windows\tasks\at2.job
c:\windows\tasks\at1.job
Please help! Thanks in advance…
Thanks a lot Raymond, for your help.
My PC was infected with the brontok virus, then I tried to reformat it. There are still some folders that cannot be deleted even after formatting.
My flash drive was also infected, then I tried to scan it with AVG, Norton and McAfee, the scanning declared that the flash drive had no virus, but there all the folders cannot be detected by the computer. In some other PC it can be seen what the folders are in very shaded. What is this so. I had tried to format the flash drive and there are still some files that are still there.
Hope you can help!
Thank you!
Hey Raymond,
Many Thanks for the helping me out in restoring my “Task Manager”. Unfortunately, I got a couple of issues now. When I run “msconfig” an error pops up – “Windows cannot find ‘msconfig’. Make sure you type the name correctly, and then try again. To search for a file, click the start button, and then click Search.”
Like Wise when I go to “system restore” I got – “this file does not have a program associated with it for performing this action. Create an association in the Folder Options Control Panel.” Any help!!!
Thnx a load…
Thanks a lot!Raymond
i tried 2 of the links aboove (Kapersky and washer)
The Brontok washer was the most effective just like stated above.
Many thanks.
Hi, I got a problem with ma task manager. Whenever I press “cntrl+Alt+Del” I got an error – “Task manager has been disabled by your administrator”, but I think I’m the administrator cuz the pc belongs to me alone and nobody uses it. Thanks for any reply.
-Mac.
help me i cant remove this virus and when i dload a anti virus my computer shuts down help me.send me the steps on how to remove it plss…..or anything i dono what to do now..
Praise the Lord!!! Raymond, tis site was very useful to me. I had a “sembako-cnzjkh.exe” error msg everytime i logged into Win XP. After installing and running GData Anti…Worm, it really scanned my whole system & eliminated tat Brontok type worm completely. Now im really free from it. Thanx a lot!!! God bless you!
Wow, never ever had a malicious virus until i got this SOB. Brontok was the most irritating thing i have had go wrong with my computer. BUT I have sorted it now! Although the RRT program allows you to edit registry and use Taskman it still does not help really in removing the virus because you kill the app and it replaces itself.
In order to remove it I used Spyware doctor in SAFE MODE with registryfix to clear the clutter and remove the program from the startup processes. Once this was done the virus could not replicate itself as it wasnt running in safe mode. Shutdown/reboot and it all worked well… One last clear up and defrag sorted my mess!
Good Luck!!!
run wrt.exe from run and do the normal one, will work
Thanks to cool and brontok washer, I got it out plus I used CCcleaner, hijackingthis and a few deleting and regedit
I have Brontok too, It makes sub folders in my folders that, when clicked, take me to the file explorer, also when I try to download anything it reboots my computer, My Mc Afee wont detect it, and I have Ad-aware, and evrytime I run it it finds and deletes something, but it doesn’t seem to be finishing with the problem, I don’t trust the link to the Indonesian virus database, I can run the task manager, and I haven’t tried but it seems that I can run the MSCONFIG and the regedit commands, I tried downloading AVAST anti-virus from the Windows Safe Mode but it rebooted my lap top!
I just want to know if installing Avast and running it will delte Brontok, and if not, what do I do?
To get access to regedit mscconfig or taskbar. Use the command “gpedit.msc” as administrator. or you can download “RRT – Remove Restriction Tool” . There is another almost similar virus available. Which makes a service “SSVICHOSST.exe” and dont allow to access in any system screen. write this command in the run box “taskkill /f /im ssvichosst.exe” in order to get rid of it. thanx
Hey dudes,
I read most of the solutions given before…
But just like to say one thing,you cant go on repairing windows xp everytime you get hit by the brontok virus…
And secondly,most of the solutions comprise of running the task manager or msconfig.exe…
But guys,the latest versions of brontok virus disables the regedit command,the task manager and the msconfig.exe also…
So you guys have any solutions out for this one eh????
:-)
Hello guy,the easy ways to removed brontok it’s removed the hdd and fixed on to other cpu as as slave.Make sure the cpu want to fixed it hdd are clean and up to dated antivirus.Try clean and removed using all the removal tool you have and don’t forget to restore your windows file cz some file were removed by brontok it self.OK have a nice day..
hello, please does brontok disable the usb port and if it does how can i restore it. And how do i restore my RUN
hello please does brontok disable the usb port
Hi its me again.
Thank you so so so so so much!
I used the Compactbyte thingo and it worked although it shut down. Too bad the Brontok Washer link didn’t work!
but i’ve downloaded AVG Anti-virus free edition & it no more viruses come up!
Thank you so much for all of your help!
Hi.
the link for bronktok washer doesn’t work anywhere!
Can anyone please tell me where i can download it??
Thank you!
Hi.
I used the Compactbyte & it seemed to be deleting my viruses until it stopped & shut down??
I’ll try Bronktok washer now because that seems to be working well – said the forum posters.
Thank you so much for all your help.
I really appreciate it!
Please tell me how to get rid of OSO.exe file which is residing in the pen drive. The pen drive cannot be formatted too.
Hi I have run above tool on my machine. After running all above tools on my machine, I was able to see run, task manager,registry. But when I restart my machine again these options are disabled? Any Idea….
Thanks, in advance
the name of the BRONTOK VIRUS is
BACA BRO!!!
it is a notepad not a program…but when you click it..it runs on DOS base…
like some other encounters….my folders duplicates the name of the folder…
plzzz help….
please help..
i can’t remove BRONTOK virus huhuhu…
my task manager automatically minimize and invisible…even i use twice CTRL+ALT+DEL still it minimize it self and disappear…
where will i download the 7 tools of brontok raymond? what website address?tnx!
when you press crtl+alt+del the task mngr should be always on top but with this virus it opens closes
i think format is d best solution to this T__T
I am infected by the Brontok Virus for the past 3-4 months. I do have Avast Antivirus Software, but it is too weak to handle such kind of viruses, I think.
Now, I am unable to run the Windows Registry. Whenever I open the Internet explorer, the address comes as thecoolpic.net, instead of about:blank. Also, changing the default address is disabled.
I am unable to run the antivirus software as well. Sometimes, when I try to find the solution on my PC by typing Anti-virus through Google, the whole window itself closes.
I did take my Hard Disk to my office for Virus Scanning. The virus was removed, but it has reappeared again, and again, am facing the same problem.
Insatalling another antivirus software also doesnt work.
I am using a broadband internet connection, and sometimes, the connection is disrupted suddenly. On some worse occasions, the CD drive opens and closes continuously as well.
What do i do so that to eradicate this virus, and also not get it again.
hi! my flash drive was infected with generic.brontok.f063b3be. it was detected by my antivirus but it was only blocked. it was not removed. i suppose this is a new variant of brontok? any idea of to remove it form my flash drive? i tried to search the net with its exact name but there were no matches. :-(
did u tried to use the system restore yet??
if you done so plss letme now if it work hehehehhe
i wanna try also
in safemode ive try 2 intall the rtt tool but omg
rtt.exe encountered a problem and need 2 b close
what should i do???
HELP plss
(thanks…………..thanks………………thanks)*1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000…………………………………………………………………..
once you are infected with brontok you will not be able to install any antivirus programs ,it will shut down, download the 7 free tools and run Brontok washer first.this deals with registry and then run Compact AV ….after these two run others…..
AVG ,Norton And other will not work work once you are infected they will only prevent the virus from coming in only when its updated
Hi, I have badly infected by brontok virus in my system i tried almost all the tool given above in the list but it doesn’t work to remove the virus, i hope it is new variant brontok which stop my task manager and registry editor and always shows an message in indonesian language if i tried to run task manager and registry editor. If i open the word document file it open an text document written ” Have a nice and say goodbye to brontok”. Any how I tried an antivirus tool which work pretty good and removed this virus from my system. Ansav antivirus, for download visit ansav.com
Good Luck
GRACIAS !!!!!!!!!!! THANK YOU FOR THE TIP
I have infected by some kind of virus probably brontok new version which is cannot detect by macfee and avg antivirus and also tried many brontok removal tool but it doesn’t detect the virus/worm. It always create some word document file and in an name apa itu then folder name in the same folder. I tried many process to get rid off this worm but cannot please give some permanent solution without formating or installing any other softwares so that i can remove this virus…
Dear Sir,
2- 3 weeks before My computer had Brontok Virus. afterwards i was used avg7.5. it was detected the virus and heal it. but now my computer’s regedit command not working and also if i am double clicking my c: or d: drives it will goes to open with window .plz. give me a good solution for this plm.
velu
ive heard that the brontok virus can transmit via usb/pen drives. Does this hold true for ipods as well? cuz an ipod is technically a really big usb drive with media player capablities
kiram to dahane mahsa O.K
Since brontok was made by indonesian, many indonesian anti virus programmers hence created many anti virus softwares and removals, since they know it better than their peers outside indonesia.
Some of features of the anti viruses are not merely cleaning the virus, they may also reveal the hidden files hided by brontok varians.
The brontok itself is released it’s variants frequently. the first version was made by VB, but now using C and Assembly.
I recommend Ansav Anti Virus that you can download via ansav.com this anti virus is created using assembly and is portable so you can use it without installing. You may also see many informations about made-in-indonesia virus by visiting virusidonesia.com, the official portal of pcmav, one of well known anti virus app for indonesian virus.
Good luck.
use MWAV toolkit to get rid of Brontok worm. To get hold of the toolkit visit: mwti.net/products/mwav/mwav.asp.
This appears to be the binary contents of the latest strain… I am scanning the HDD’s of each infected PC for this string and removing the infect files. I am doing the scan from an uninfect PC…
try downloading avg antivirus from ……grisoft.com and ull aslo find free updates …download them….and scan ur system…ull surely cure the problem of brontok
i have a problem about the auto ran folder…please answer my question…
goddamn. i’m filipino. and tho it makes me a bit proud that a filipino made the infamous “i love you” virus, i still hate people who brag about having made a virus. as if making other people’s lives more difficult is their lasting contribution to the advancement of technology. sadistic sobs
Yea sravan… delete all the registry keys in ur pc (type regedit in the run window, to find it type it in the folder search bar in your windows folder) and all your windows folder files.. the after that off your pc plug and then open the window and throw it down.. this will surely kill the whole pc resulting in a pc free brontok virus! try it!it works.. after that but a new pc one that’s installed with an antivirus say AVG for instance! (no this is not free advertising for AVG)
hi guys..
Even i had a problem with this bloody worm brontok.
I scanned my system with Sophos BRONTGUI tool. It detected and removed 13 files of win32 brontok k worm. But donno whether the worm can effect any further..Any permanant solution for these.. plz inform guyzzz…
hey guys… wants to all varian’s brontok remover’s… visit the virusindonesia.com for download pcmedia anti-virus (PCMAV). why I recommended you with the PCMAV…. because brontok virus was make by indonesian’s people. I’m indonesian’s too…, and I’m virus maker. my virus : black_love revolutions….
see you….
syawal regards,
Brontok Washer will not be enough alone i think to clean the damn worm. no matter how many times you run the washer, most probably the worm will create again duplicate folder applications in your documents. take note that as long as there’s a single file infected with it, it will never be removed in your system! NOD32 is good at best as long as you update its virus database signiture. try running both! it will be of great help! NOD32 then the washer… just try it!
BTW, beware of the ‘smallk virus’ it can spread like wildfire from one system unit to another through flashdisks, external HD and or just any storage device that you use which that includes you mp3 players, ipods, cam…etc. it will cripple your autorun, specifically your main HD! it will be a pain in the ass to get rid of this once your system gets infected. be careful guys!
Thanks man, your suggestions worked well
@ Humair Run Brontok washer and Compact AV
I have got a stupid virus. it creates folders everywhere. Also zonealarm keeps telling me something about nkruls.exe, conime.exe, mahsa and oso.exe. what are these? am i infected with brontok? sometimes when i try to install an antivirus the window closes. Why?
Brontok washer is very effective…try it…
Brontok washer really help me remove the virus BRONTOK…tnx a lot.
I just found out that almost most of my files are affected by brontok virus. try these software…hope it hepl!!!
hey guys! try using system restore… i once had a virus on my pc. if you knew when was the date you had the virus you can restore your pc back to its original system on the specified date that you want.
Hi Pow,
To simplify the tasks (I tried the same methods to help many),
1. Install the latest Avast (Avast.com/)
2. It should remove 99% but the message may still pop up.
3. Install spyblaster (download.com/)
4. To delete the remainng if any, scan all diskettes, etc.
5. If not happy, try microworld.
6. You should be happy by now.
As far as I know, we are not expert, we must avoid the complex and eventually end up screwing up our computer.
Good luck.
hey guys, i would also like to ask for your help.
when we checked our computer once and we found out that the “folder options” menu (and folder in control panel) were already gone so we ran an antivirus. i first tried running kaspersky and sure enough the brontok virus was found and removed. then i un-installed kaspersky (because of those pesky pop-ups) and installed norton and sure enough no more brontok. but the problem is 1. folder options is not yet there, 2. can’t run regedit, pop-up says “registry editing is disabled by your administrator”. *^$#^$& it’s a personal computer g)^$#^^%t! i already have a step-by-step procedure provided by norton but still nothing. &&^$%&!
i’l try #2′s manual procedure, then the softwares above. please help if you have other inputs. thanks!!!!
i hope those tools will remove the virus in my pc forever
& dont forget to turn of the system restore at this time by going 2 properties ” my computer”
Hi friends,
U can find this virus in ur operating system disk with a folder :- heap41a
Eg. c:\heap41a or d:\heap41a etc.
in regedit search *heap41a* delete all the file present with this name & also find *.exe delete them 2.
I forgot to mention another part. To remove brontok and leave no trace; I suggest you try “Microworld antivirus 9.1.x” from download.com/. It clean totally! If this doesn’t world, try nod32. (Always use double protection.)
Just use the twister from filseclab.com.
It has successfully cleaned the replicated folder. (This is quite a menace especially when I used the usb flash key with high capacity.)
this virus is making a copy of every folder in my documents , & then whenever I enter these copies , it returns me to the main folders in the my documents, so fallin into an infinte loop…
I have this virus on my pc, and it shuts down the system the moment i download or run any .exe file so none of the tools are helpful to me to remove this virus. what should i do please help. thanks.
hey edwig
how do i do it? ie; system restore? pls leme kno
i tried compactbyteAV.. it seems to have worked.. brontok washer doesn work.
tho my anti virus detects it.. it shows the msg “cannot be deleted or quarantined. check if the file is copyrighted”
anyway.. thank you.
I forgot to add that the System Restore option is only applicable for Windows XP users and Windows ME users. WIndows 2000 DO NOT have the System Restore option. Be advised
Hi ppl
It is not always enough to just clean the virus. Whenever you remove a virus from your system, you must make sure that you disable the System Restore and then restart. After restart you should scan the PC again to ensure the virus does not reappear from the Sytem Restore backup. Once that is done THEN you can enable the Sytem Restore again.
The reason for this is , most virus will also be saved in the System Restore when the backup checkpoint is generated. And later it can comeback from this copy. By temporarily disabling the System Restore, you can prevent the virus from attaching a copy of itself to the backup files.
hey edwige… wats does those chinese symbols mean??? i cant understand it.. and how if I don’t know how to delete it? can u show me a step by step picture image on how to do it??? pls… and i love the swearin by u guys hahaha… d brontok creater is a sob ma f*cka who’s a dumb s biatch who’s a freakin retard… wat an insult he is to the freat vacation place indonesia is… esp BALI.. neways EDWIGE pls email me a detailed step by step pic on how to clean the virus according to wat eva u wrote there.. cos i can’t understand the chinese symbols… hahaha
How to disinfect the computer from the worm Brontok-I ?
I have not found a virus disinfection tool for this version of Brontok so I present that I have done to disinfect my computer. Sorry for my English but I am French. And I am not a professional so there may have some missing things even if my computer works well now!
6) Putting into quarantine of the infected files thanks to an anti-virus
I have used Avast4 Home Edition which is a free anti-virus available from avast.com/fre/download-avast-home.html .
You should do first a scan (thorough mode) before the start of the windows log and one after if you have not found all the following files:
Below you have the infected files created by Bontok-I and found by Avast4 on my computer :
(NB :
Brontok Washer successfully removed brontok from my laptop. thanks!
hey there any solution for remov brontok virus withot format the pc.plz sed me
Thank you so so much you have been very helpful. My computer was infected by the Brontok.A virus. I thought it was hopeless and the only recourse I had was a reformat, something which I don’t look forward to what with the inconvenience and all. BitDefender worked for my computer. Whew!
i had my folder missed,coudn’t read the sound file tipe,and display the bangsawa is name of file,wich is displaying some indonesian words
please help t overcome . . .
help me in removing brontok
hey! that compact byte really helped me out with that brontok. thanks for the info, btw.
I will try to remove brontok virous by the tools that you have displayed on the web. Thanks………
i raymond..i’ve already run the cleaner it works but everytime i restarted my computer, it’s still have that stupid brontok….why? Now it’s blocked my window and i cant get through..it just left me to the logon window..when i type the password, automatically it log off…
hi there..about the brotoc removal thing,try using the avg 7.5 and the anti vir,then scan it in a safe mode.and please do update the virus definition files before scanning the system..brontok is really a pain in the ass..it works fine with us here in the office.
Certainly is a motherf*cker this virus! I’m doing an internship in Ghana and somehow everyone has it here! I finally got it removed with my norton internet security, just have to make sure I don’t get it again! Anyway, heard the virus is from Indonesia, have they captured this dude yet?!!? Though I still don’t have my folder options back, does anyone know how to switch that on?
Good luck battling Brontok, greetz,
Benjamin
hey there. first i would like to share to all how brontok affect all of my computer here in my computershop. i found it when some of my files are deleted but didn’t delete it. now i know how to remove this virus. all i have to gonna do is to reformat all of my computer then install a great anti-virus like avg or Norton.
note: if you are in computer shop and when you reformat all computers make sure to turn off hub or router for networking cause when you reformat it it will gonna back to same problem. if your computer is in network connection make sure to turn of or disable your connection. reformat computer 1 by 1 and don’t use networking to copy some files. make sure that all computer that u have reformat is installed a hard or great anti-virus.
ryan,
philippines
hey you need to see the brontok strain like brontok.A or C so its easer to find a program to figth it. i used CompactbyteAV program for the C strain and worked really well , brontok was in my images folder so you should scan the affected drive or folder with that program for better results.
My MacBook run two operating system which i used both at the same time but when this brontok infected my lappy it turned off by itself all the time and whenever am surfing the net it keep displaying the same stupid message as if people in the world understand the heck of bloody indonesian. it totally destabilized my both operating system Windows and Mac. Anyway Raymond thanx for the remover tools man hopefully this will work!
Yeah, brontok is VERY destructive. I understand how you feel redmarker.
thank for providing the tools to remove the Brontok. thanks a lot…
my pc got AVG 7.5 free edition, but i feel that it can detect the VIRUS well. so can recommand any anti virus software which it powerful???
If possible, try all of them.
hey raymond…do i have to install all the 7 cleaner tool or just one of them??help me…everytime i run regedit it’s shut down itself..
im vj from the philippines…. the brontok virus is really pain in my ass…. try using nod32… and it works really…
hey finally i got rid of that virus , i used all the scaners but only two worked ,that was compactavbyte and Brontok Washer.after i scaned the hard drive he virus was removed but it did lot of damage to the OS .so i repaired it using WINXP CD.:)
tell me if this worked.
Download the 7 brontok cleaner tools I listed above on another computer, copy it to your USB thumb drive and then transfer it to the computer that’s infected by Brontok virus.
Run the cleaners! Installing Anti-Virus won’t work because Brontok will terminate it before it’s installed.
this brontok has been bugging my pc for a long time. i’ve tried installing new anti virus but it just shut down the program. i also can’t access the task manager. help please. i need a tool that would rid of brontok without the need to connect to the internet. Thanks
does NOD32 really can remove the brontok virus?? i have a friend whos laptop is infected by a brontok and shes using a mc afee 06 anti virus and i think mc afee cant remove the virus… pls help!!
i used at first nod32 at it was a great success in removing the brontok.. and another software to remove it,is called kaspersky anti virus and it works great.really have difficulty to remove the new version of brontok where it locked the avg 7.5 anti virus and the task manager(was losing hope and trying to format the cpu)..cannot see the hidden file even we set the view folder.
my colleagues told me to use one of the above anti virus and it removes successfully and about more than 2000virus in my folder..
hope it helps
hi..thanx 4 providing d tools 2 remove brntok…it really helped me!
:)