W32.Rontokbro.B@mm or brontok virus is one of the most active viruses as per our experience.
Symptoms of brontok virus:
If your system is infected by this virus you will not be able to open command prompt , msconfig and even you may not be able to execute any .exe file, as it may result in a sudden system restart.
Brontok virus also tries to terminate the security related programs like anti-virus and firewall. Also adds some registry entries required to run it at every time computer restarts and also to enable no folder options settings in the registry.
We would recommend to follow the step by step procedure below to remove the virus.
Note: First of all if possible try to update your anti-virus of your system and run a complete scan and delete the infected files.
1. Disable System Restore (Windows Me/XP). Click here to know how to disable system restore
2. Download the Security Response by symentec “UnHookExec.inf” to enable registry editing.
3. Just download and Right-click the UnHookExec.inf file and click install.
5. Run it and scan your system to remove the brontok virus.
6. After complete scan you will be able to remove the virus.
7. Now you need to delete the scheduled task.
To delete the scheduled tasks added by the worm
7.1 Click Start, and then click Control Panel. (In Windows XP, switch to Classic View.)
7.2 In the Control Panel window, double click Scheduled Tasks.
7.3 Right click the task icon and select Properties from menu. The properties of the task is displayed.
7.4 Now delete the task if the contents of the Run text box in the task pane, matches the following:
8. Restart your computer.
Note: if all the above steps are followed properly virus will be removed
If you use any removable storage media, that drive may also be infected by the brontok virus. Format your pen drive or portable drive after connecting but without opening the drive.
PS: Above process has been tested to remove the rontokbro.z@mm virus, but this procedure may not completely remove the virus on certain computers.