We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.

Close

Le Support de BullGuard

Nous sommes ici 24/7 pour vous aider


Envoyez un e-mail à notre équipe d'assistance et nous reviendrons vers vous dans les 24 heures qui suivent.


 

How to remove Win32.Brontok.A@mm

 

 

Description:

The worm prevents access to Registry Editor and specific executables, forcing the restart of the system when it detects their corresponding processes running. The worm creates copies of its main executable in %UserProfile%\Local Settings\Application Data with the following file names: smss.exe, services.exe, lsass.exe, csrss.exe, inetinfo.exe, winlogon.exe. The threat also writes values into the registry to ensure the infected files are executed on every system boot and the user is unable to view hidden system files.


REMOVAL PROCEDURE:

1. Download the archive containing the removal tool for this type of infection from here

2. Save the file on your harddisk and extract it to a new folder

3. Reboot the computer in Safe Mode ( Windows XP / Windows Vista )

4. Run the removal tool (AntiBrontokA-en.exe)

5. The tool will find any Brontok-infected files on your computer, kill the worm's processes, restore acess to the Regedit Editor and Folder Options and fix the registry entries modified by the worm

 

 


Author:
The BullGuard Team



00: 00: 00: 00
Jours Heures Minutes Secondes
Close