Jump to content
xisto Community
crazyteens

About Brontok

Recommended Posts

I need help to remove brontok virushere r some list of things i found about brontok:that its size is 41 kbit resides in c:/, c:/shellnew,etc (to view hidden files reboot pc in dos mode n type in cmd line dir /a:h)files cannot be downloadedso i tried to del all the suspicous file of that size.it seemed to work on the first boot as i recieved a message:"error cannot find file bronkstab.exe" n it rebooted...n there was it the file again. please help me

Share this post


Link to post
Share on other sites

*insert standard Virus reply here* :)

1. delete temp internet folder and all files in it.

2. empty cache, history, all private stuff for all users.

3. restart in safe mode.

4. do an AVG scan using an updated checklist ( i forget what they call it).

Avast is also very good.

Quarantine all the stuff it finds. *** Do not simply delete it.***

5. restart in Normal mode.

6. Use a registry cleaner to erase all the stuff that shouldn't be there.

Hijack this can assist in determining the 'bad' stuff.

Requires the assistance of "those in the know".

 

This will eliminate 'most' bad stuff. Anything left, Google it by name and seek assistance from one of the many sites available. I have used PCpitstop.com in the past and D-A-L.com. Both were quite useful and successful.

 

Lastly,

 

*** stay away from those sites that give you trouble ***

 

ie: p2p, pr0n, toolbars, filesharing sites

Share this post


Link to post
Share on other sites

last year my pc also caught this virus. in that time to remove this virus i had format my hd 4 times and got success. it is very very dangreous virus. its makes same folders under that folder and its size is 41kb. virus folder seems like: foldername.exe size 41kb.

Share this post


Link to post
Share on other sites

my usual advice for removing persistent virri, eg those that keep coming back or wont go away, is to get avast, or use your favourite A/V and schedule a "boot time scan". In avast right click the avast tray icon and once open right click on the interface of the a/v and "schedule boot time scan" then reboot and on start-up avast will kick in and put the computer into a sort of ultra safe mode where windows barely has its eyes open and it will scan the HDD and any other media devices and delete the little buggers while they sleep :lol:

 

Had to do that once or twice, it never came back, muahahaha! Its a similar thing to what jlhaslip suggested and i want to re-enforce what jlhaslip said about deleting do not delete! Archive/quarantine! i had several infected system files which i deleted using avast and well...it was like cutting a man's legs off, windows was really not happy and had to be re-installed. Wont do that again! If you do get an infected system file then you can try repairing it or in some cases get a replica of the file from MS or somewhere.

Share this post


Link to post
Share on other sites

Ok, the usual problem that has been brought to me for repair... here's the easiest way to do it.This method doesn't require an extra PC, we do it on the infected PC.Download Kaspersky Anti-Virus... the best IMO. Rename its installer to [random letters or numbers].exe or .msi, why? Brontok will detect program names and windows with 'ANTI, VIRUS, CMD, EXE' so on and closes it so you won't be able to install anything that would remove it.If you got a Kaspersky license key place it on the same folder as the installer for auto detection and get it to run in full mode.Now how can you install something when brontok closes every program installer?? We use the installer parameter! Every known installer maker have their own parameters for unattended or optional install.The Setup (This is a rough example):Right drag on the kaspersky installer and release... you'll see a menu pops up, select 'Create Shortcut'... then right click on the shortcut and select 'Properties', you are now on the shortcut properties window... on the 'Target' field after the double qoutes add /QUIET for this will install kaspersky in quiet mode without opening any window, in other words will just install in the background so brontok won't be able to detect it.Wait.... after a few minutes you will notice your hardrive had stopped its read/write process which is a good sign that it has finished installing...Restart and see the magic! It will block every autostart of the virus... now clean and scan the whole drive until it is clean.Residue? There are! When you restart again... you'll notice an error message "Cannot find.." you just have to remove it from the registry... but registry is locked right?Download 'Windows Configurator' its a free registry tweaker and unlocks your locked registry!You can now go to run type 'regedit' and search for the filename that was displayed on the "Cannot find..." dialogue box... remove that added entry.. usually added on the end of the '.exe' registry entry...If 'Folder Options' is lost... search google on how to restore it.. just requires a few registry tweaks again.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.