Brontok Virus is a Windows computer worm most rapidly spread over the internet that is well known to reach you as an email attachment and forwards itself to email addresses in your contacts list or to your IM contacts. Brontok Virus creates registry values that disables access to registry editor and also folder options in tools menu. Brontok Virus also creates .exe files in almost every folder on your computer usually named as Folder.exe
As you know, almost all the virus in your computer are nothing but registry modifications that effect the stability of your computer. When these registry keys and values are deleted, your computer is recovered from a virus. As this Brontok virus has disabled the access to registry editor itself, to remove Brontok virus from your computer first enable registry editor by deleting those unnecessary registry values created by brontok virus using command prompt and then proceed with the troubleshooting steps to remove Brontok virus manually from your Windows PC.
Steps to Remove Brontok Virus Manually from Windows PC
1). To access the command prompt go to Start–>Run… and type cmd or command and click OK.
2). At the command prompt type the following commands and press enter. Choose ‘y’ when prompted to confirm the deleting process.
reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system /v
DisableRegistryTools
reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\system /v DisableRegistryTools
These commands delete the registry value named “DisableRegistryTools” under the specified registry key and thus enables the registry editor.
3). To enable the Folder Options, let’s delete the registry value that is causing the problem.
Go to start–>Run… and type regedit and press OK.
This opens the registry editor window.
From the left pane of your registry editor, navigate through the registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
and delete the registry value found in the right pane named “NoFolderOption”
This process can also be done giving the below command at the command prompt.
reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOption
4). Access registry editor and from the left pane navigate through the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run to find registry entries with value name containing words such ‘Brontok’ or ‘Tok-‘ and delete them.
5). To remove unnecessary .exe files created on your PC, go to windows search and search for *.exe files in ‘My Computer’. Also tick the boxes that says ‘Search system folder’, ‘Search hidden files and folders’ and ‘search subfolders’ under the More Advanced Options. This will list out all the executable files on your system. Find those exe files that are displayed as folder icon usually with the name Folder and delete them.
6). Close all the Applications and restart your PC.
That’s it!! You have successfully removed the Brontok worm virus.
As a precautionary note always be careful when accepting any email attachments from unknown sources. Its much better to defend your system by using a updated anti-virus software.
this trick don’t work on Vista
@moneymoney It works well on Windows XP and I hope it works all right with Vista and other Windows versions as well. Can you spott at which step you are facing the problem. Be more specific for which you think this trick doesn’t work with vista. Anyways nice to hear from you and I’m glad that you tried to remove brontok virus manually using my troubleshooting tips. Tune in to my future posts and post in your valuable comments.
When i tried to search DisableRegistryTools i am not to find it even i have tried your CMD trick that is also not working i am getting some REG DELETE Error.I think this trick work in Windows XP.but i will say u are doing really good work i appreciate.
@moneymoney first of all let me ask you a basic question. Is you PC infected with brontok virus? If the answer is no then neither of the two commands I have mentioned work on you PC, coz the string value DisableRegistryTools doesn’t exist in your registry. Moreover the search shouldn’t be done for DisableRegistryTools. The search I have mentioned is to list all the .exe files on your PC. So in the field that says ‘Type all or part of the filename’ in Windows search you have to give *.exe as the search term. Even if that string value does exits in you registry how can you find it on Windows search? Windows search cannot find registry keys or values. So DisableRegistryTools is not what you have to search for. Hope you have understood. Let me know if your computer is infected with this brontok virus and found this trick not working on your PC, so that I can come up with the solutions that suits you.