Brontoc is a virus originating from Indonesia. It usually arrives as an attachment of e-mail named “kangen.exe” (in Indonesian “kangen” means “I miss you very much”). When the virus is activated, it copies itself to the application data directory and roots in the system by creating a registry entry in HKLM\Software\Microsoft\Windows\CurrentVersion\Run. Moreover, the virus disables the Windows Registry Editor and changes Windows explorer settings. It also removes the option “show hidden files” from Folder Options, turns off Windows firewall and disguises its executable files .exe as folders. In other words, the cunning virus does everything to ensure its long stay on the user’s PC. The Brontok virus quickly penetrates the system and if you miss just one part of it while removing it from your PC – the virus will recreate itself again. It is very important to remove the virus once you detect the symptoms of it. Manual Brontok virus removal is a complicated process. If you need a quicker solution, scroll down to the end of the article.
Manual Brontok Virus removal
To remove it manually follow these steps:
- Reboot your PC in safe mode: Click Restart the computer and during the restart process hit F8 key repeatedly. When the Windows Advanced Boot Options Menu appears, choose Restart in Safe Mode with command prompt option.
- Now you need to enable your registry editor. To do that type reg delete HKCU\software\microsoft\windows\currentversion\policies\system /v “DisableRegistryTools” and run HKLM\software\microsoft\windows\currentversion\policies\system /v “DisableRegistryTools”
- Now that the registry editor is enabled, type “explorer” without the quotes.
- Then click Start > Run and type “regedit” in the Command Prompt. Navigate to HKLM\Software\Microsoft\Windows\Currentversion\Run
- Delete entries with the names containing “Brontok” and “Tok-” from the right panel.
- Click Start > Run again and type “regedit” again.
- Now restart your PC.
- Finally click Start and in the search for files and folders prompt type .exe. When the search is finished delete all files that are displayed as folder icons.
Find HKCU\Software\Microsoft\Windows\Currentversion\Policies\Explorer\NoFolderOption and delete the entry.
Automatic Brontok virus removal:
The drawback of the manual riddance is in the fact that the virus is able to recreate itself if you happen to miss one single infected file. There is always a very high possibility that you will not be able to delete the virus completely, especially if you do not consider yourself an advanced user. So if you need 100% guarantee that you will not see the Brontok virus again, you should consider using an automatic tool, for example New Folder Fix Wizard by Security Stronghold. The Newfolder Fix Wizard is exactly what you need if you search for a perfect Brontok virus removal.em