Thursday, May 22, 2014

How to remove Brontok in under 5 minutes

What is Brontok?

Win32/Brontok is a family of mass-mailing e-mail worms. The worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it gathers from files on the infected computer. It can also copy itself to USB and pen drives. Win32/Brontok can disable antivirus and security software, immediately terminate certain applications, and cause Windows to restart immediately when certain applications run. The worm may also conduct denial of service (DoS) attacks against certain Web sites.

Removal
  • Scanning using a bootable Antivirus CD
  • Performing a Boot Scan using Avast! or any AV with a similar feature
  • Manual removal using a bootable CD or USB drive (Bart PE, HBCD, UBCD, Linux, etc.)
  • Scanning with an updated Antivirus in Safe Mode
  • Manual removal in Normal Mode (less than 5 minutes)
  • etc
I'll be teaching you the 5th option.

We'll disable it first using DTaskManager (by Dimio) and do a quick scan with Malware Destroyer, which can easily be accomplished in 3-5 minutes. There are other tools available and a handful of variations in the removal process, but I'll be focusing on these two.

DTaskManager (By Dimio)
EMCO Malware Destroyer

After the Brontok worm has been disabled, the files it dropped on external drives can be deleted using Explorer or by scanning.


How to remove Brontok in under 5 minutes Part 2
