hi
subham here
my pc is being affected by a virus named "brontok"
and it is creating a folder in all removable drive and an application which creates a shortcut to my documents.
antivirus also cannot detect this virus
help me out.

Recommended Answers

pulled post myself...

Jump to Post

All 3 Replies

pulled post myself...

it's a cunning worm. first off, it stops most common Av applications and cleaners. so yep, if they cannot run, they sure won't find it!. It blocks any windows with .exe in the name, plus task manager and regedit. It also stops you via HOSTS file entries from contacting a lot [hundreds] of AV and online scanning sites. Cute.... oh, an it blocks a handful of porn sites too...
Xoft have a free scan that is not blocked... http://paretologic.com/xoftspy/lp/17/

Or try the removal tool from here. READ the instructions on the webpage! If you want to run this one you will have to change the .exe's name from remover.exe to... i dunno....swish.exe? [the string "remove" is blocked by the worm]
http://wirusy.antivirenkit.pl/en/szczepionki/Brontok.html
Note that I have not run this tool myself, so i don't make any warranty that it works, or will not do damage itself. Just the fact that the .exe contains a string which is blocked by the latest worm version bothers me a bit.... I cannot really recommend it, but if you get desperate...

From another clean PC u can read what you are up against here.... ttp://www.f-secure.com/v-descs/brontok_n.shtml
or try the removal method from this site... http://antivirus.about.com/od/virusdescriptions/a/rontokbro.htm
Once you are clean and pc is functioning, clear old restore points [by turning sys restore off then on again], and make a new restore point. Delete files on any thumb-drives you have used.
Come back with the result..
OTHERS HERE MAY HAVE BETTER INFO????

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.