Brontok Virus Has disabled Registry Editor & Anti Virus Program
Posted on 2006-03-27
I have a Windows 2003 server, which has been infected by Brontok virus (Rontokbro). I have symantecs suggested removal instructions (i.e scan the pc and manually edit the registry)> I would have no problem doing this but the virus has disabled registry editor, access to and antivirus websites. command prompt, server management, administrative tools, and the properties of the symantec services.
I have tried everything i can think of to get around this. The virus also runs in safe mode, so no luck there either. I have scanned the machine remotely, and come up blank there. Tried McAfee, and Zonealarm AV, but i cant install either of them. I did manage to deploy Symantec 9.0 to the box, but i can't run it, as any service/process with that word, or any other virus related word seems to get shut down almost immediately.
I have tried Xoftspy, which was advertised as a brontok removal tool, but it didn't managed to cure my problem either.
Can anyone help me with a way to re-enable registry editing, as at the minute i am considering buying a neck sized piece of rope and hanging myself!!
Backups are up to date (but obviously contaminated), so rebuilding is an option, but one i would prefer to avoid if possible.