Brontok or Rontokbro is a powerful computer virus that comes from Indonesia. Although this virus is quite old but there are still a lot of computers infected by Brontok virus because the of the capability of spreading itself through network or USB and the difficulty in removing it once the computer has been infected. Some of the built-in diagnostic utility such as the Registry Editor (regedit.exe), System Configuration (msconfig.exe) and Command Prompt (cmd.exe) are disabled and any attempt in running these tool will automatically restart the computer. Even the Folder Options icon from Control Panel and from the Tools menu at Explorer are removed. The biggest problem is Brontok can disable and corrupt most of the popular antivirus program, making it nearly impossible to be removed from the computer.
Other than resorting to formatting the hard drive to reinstall a clean copy of Windows or using rescue disk which could take hours to scan your computer, you can try some of the free Brontok removal tools to attempt in cleaning up the infection. These tools are very small in size and is normally fast in detecting Brontok’s presence and effective in removal.
1. Kaspersky Brontok Removal Tool (kwlk)
This removal tool by Kaspersky scans the known registry location and memory for Brontok’s presence when it is ran. You can scan the local drives by appending the /s switch with the program, for example kwlk.com /s in command prompt.
CleanBrontok is a free and portable tool that claims to detect and remove all variants of Brontok worm. This tool is from Proland Software, a company that develops their own antivirus software called Protector Plus. Just run the executable file and click the Scan button. It scans the whole hard drive and make take slightly longer to complete if compared to other Brontok removal tools.
3. BitDefender Brontok Removal Tool
Bitdefender, a well known antivirus company also has their own Brontok removal tool at only 38KB in size. Running the program will instantly start scanning important areas on the system such as running process, memory, startup and services files. Click the Scan button to start scanning the hard drive for any files that belongs to Brontok.
CaSIR which is short for Common and Stubborn Infections Remover. This tool used to be a shareware but has turned into a freeware. From our experience, CaSIR is very effective in removing viruses that most antivirus fails to remove. Just click the Scan button and it will prompt to restart the computer when it has finished cleaning up.
Important Note: The User Account Control (UAC) MUST be disabled in order for this program to fully perform the cleanup or else you’d end up with an infinite loop of reboot.
5. Brontok Washer
We’ve had huge success with Brontok Washer cleaning up Brontok infections. However, newer variants of Brontok virus has some sort of protection against this tool and may block it from running. Other than that, it only works on XP. If you click the Scan button on Windows Vista/7, the computer will instantly get a blue screen of death.
6. BRONTOKREMOVAL Tool
This Brontok cleaner tool is by Security Stronghold and it requires installation and a one time downloading of the latest virus definition. It scans the hard drive and is quite slow. During testing it wrongly detected the Windows Calculator as infected by Brontok when it is clean. Supports Windows 7.
7. Sophos BRONTGUI
This is probably the most popular brontok cleaners of all by Sophos. Click the Start Scan button and it tries to locate files, registry entries and processes that are infected by Brontok and automatically attempts to remove it. Take note of the additional advices provided by BRONTGUI after scanning to make sure that your computer is fully removed from Brontok worm.
8. Quick Cleaner for Brontok
Quick Cleaner for Brontok is one of the earliest removal tool that targets Brontok virus. However it was never updated to detect the newer variants and it doesn’t work on Windows Vista/7 as well. Clicking the kill virus button will cause a BSOD like Brontok Washer.
Due to multiple variants of Brontok virus that has been released into the wild, it is advisable to try all the removal tools listed above to achieve a higher chance in fully removing Brontok from your system. Make sure you run them one at a time and not all at the same time. You should avoid using the removal tools that are not compatible with Vista/7 if your system is running that operating system. If none of the tools above managed to remove Brontok from your computer, your last resort is to use an antivirus rescue disk which will surely remove all of the viruses from your system including Brontok. After removing Brontok, you can use Remove Restrictions Tool to re-enable the disabled regedit, task manager, command prompt and etc.