Troubleshooting Brontok Virus – How to Remove Brontok Virus Manually

Brontok Virus is a Windows computer worm most rapidly spread over the internet that is well known to reach you as an email attachment and forwards itself to email addresses in your contacts list or to your IM contacts. Brontok Virus creates registry values that disables access to registry editor and also folder options in tools menu. Brontok Virus also creates .exe files in almost every folder on your computer usually named as Folder.exe
Computer Virus Detected
As you know, almost all the virus in your computer are nothing but registry modifications that effect the stability of your computer. When these registry keys and values are deleted, your computer is recovered from a virus. As this Brontok virus has disabled the access to registry editor itself, to remove Brontok virus from your computer first enable registry editor by deleting those unnecessary registry values created by brontok virus using command prompt and then proceed with the troubleshooting steps to remove Brontok virus manually from your Windows PC.

Steps to Remove Brontok Virus Manually from Windows PC

1). To access the command prompt go to Start–>Run… and type cmd or command and click OK.
type cmd command open a command prompt
2). At the command prompt type the following commands and press enter. Choose ‘y’ when prompted to confirm the deleting process.

reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system /v

reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\system /v DisableRegistryTools
Remove Brontok Virus Manually from Windows Using Command Prompt Command Reg Delete to Delete the Registry Value DisableRegistryToolsThese commands delete the registry value named “DisableRegistryTools” under the specified registry key and thus enables the registry editor.

3). To enable the Folder Options, let’s delete the registry value that is causing the problem.

Go to start–>Run… and type regedit and press OK.
This opens the registry editor window.

From the left pane of your registry editor, navigate through the registry key
and delete the registry value found in the right pane named “NoFolderOption”
Remove Brontok Virus Manually from Windows - Delete the Registry Value NoFolderOption
This process can also be done giving the below command at the command prompt.
reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOption

4). Access registry editor and from the left pane navigate through the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run to find registry entries with value name containing words such ‘Brontok’ or ‘Tok-‘ and delete them.

5). To remove unnecessary .exe files created on your PC, go to windows search and search for *.exe files in ‘My Computer’. Also tick the boxes that says ‘Search system folder’, ‘Search hidden files and folders’ and ‘search subfolders’ under the More Advanced Options. This will list out all the executable files on your system. Find those exe files that are displayed as folder icon usually with the name Folder and delete them.

6). Close all the Applications and restart your PC.

That’s it!! You have successfully removed the Brontok worm virus.

As a precautionary note always be careful when accepting any email attachments from unknown sources. Its much better to defend your system by using a updated anti-virus software.


Leave a Reply

Your email address will not be published. Required fields are marked *