How to Remove the Brontok Virus

By Ramya Hariharan

Brontok is a computer virus that usually affects Windows systems. It spreads when an e-mail attachment is opened, disabling anti-virus programs, creating multiple copies of itself and placing them in several locations on your hard drive. There are many variations of Brontok virus, starting from Brontok.A, Brontok.B through Brontok.Q. These viruses can be removed by using standard anti-virus programs or manually using some Brontok removal tools.

Step 1

Disconnect your computer from the network and disable "System Restore". To access "System Restore", navigate to Start->All Programs-> Accessories->System Tools.

Step 2

Restart your system and press the F8 key to log-in in the safe mode. Safe mode is usually used for troubleshooting and fixing problems in the computer.

Step 3

Connect to the Internet, download UnHookExec.inf and install it using default settings. This is used to enable access to the Windows Registry in your computer. The Windows Registry is a database that contains all the operating system settings and options. Download the Brontok Removal tool and install using default settings. This tool can be used to modify the Registry editor settings and remove the "Brontok" virus.

Step 4

Launch the tool, then scan the Registry for infections. If infections are found, repair the Registry using the repair option to remove the infected files.

Step 5

Once the Registry repair is successful, open the Registry Editor and navigate to "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" and delete the key "Bron-Spizaetus".

Step 6

Similarly navigate to "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System" and change the attribute from 1 to 0. Repeat the same for "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" and "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer".

Step 7

Navigate to Control Panel from Start menu and select "Scheduled Tasks". Check if there are any scheduled tasks named "A1" (or similar) in the scheduled tasks list. If found, delete the task.

Step 8

Click "Start->Run" and type in "msconfig" and click "Run". In the "msconfig" window, disable all the start-up items that you do not need. Click "Save" and restart your computer.