Help - Search - Members
Full Version: Can't get rid of Brontok.A [Three Merges]
Kaspersky Lab Forum > English User Forum > Virus-related issues
triangle
21.10.2009 12:48
Please help!

We are having endless problems with this virus. It seems to keep re-infecting Windows 98 and XP machines. We have tried almost every 'fix' but haven't been able to get rid of it permanently.

Updated Kaspersky PC’s are able to block this, but once the AV is turned off (for some reason), any viruses attacking PC’s remain hidden in the PC, even after format. We have tried to manually remove the virus (ie. Deleting from registry, deleting scheduled tasks, deleting .exe folders and disabling suspicious start up programs under msconfig). The virus disables the registry too.

any solutions? Thanks.

Lucian Bara
21.10.2009 21:05
hello
please follow the guidelines and post an avz log: http://forum.kaspersky.com/index.php?showtopic=84003
triangle
6.11.2009 10:19
Hello,

I need your help. We've had this virus for the last 3 months and to date have been unable to remove it permanently. These are the problems we are facing:

Folders are being duplicated. It disables registry, msconfig and adds 2 files to the scheduled tasks. the viruses seem to move through shared folders (full access) and also through flash disks.

Updated Kaspersky PC’s have not been affected, but once the AV is turned off (for some reason), any viruses attacking PC’s remain hidden in the PC, even after format. After PC's have been infected the first time, and we think they've been cleaned, Kaspersky no longer picks them up as viruses. We thought we had completely removed the virus on one particular PC, it was working fine all day, but by the very next day, it was fully infected again, although it was not even connected to the LAN and had not been touched since the 'clean'.

Brontok is affecting our PC's running Windows 98 (2nd Ed), Win 2000 and Win XP (SP2 & 3). Windows Vista Business PC's have not been infected at all.

This is how we've been cleaning the PC's so far:

Currently we are using Bitdefender and Nod32 trial versions (we are licensed Kaspersky users), as those 2 AV's seem to be the only programs picking up these viruses. After that, we have to manually remove the virus ie. Deleting from registry, deleting scheduled tasks, deleting .exe folders and disabling suspicious start up programs under msconfig)

Any assistance would be greatly appreciated.

Thanks

Lucian Bara
6.11.2009 15:10
if you know the infected files, send them to the lab: http://support.kaspersky.ru/virlab/helpdesk.html?LANG=en
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.