This is a virus detection. Viruses are programs that self-replicate recursively, meaning that infected systems spread the virus to other systems, which then propagate the virus further. While many viruses contain a destructive payload, it's quite common for viruses to do nothing more than spread from one system to another.
Aliases
W32.Rontokbro@mm – Symantec
W32/Brontok-N – Sophos
Win32/Brontokbro.A.A – Eset
Win32/Robknot!Variant!Worm – CA eTrust
Worm.Win32.Brontok.a – Kaspersky
Characteristics
W32/Rontokbro.gen is a mass mailing worm which attempts to send a copy of itself to email addresses harvested from the computer.
The characteristics of this worm (file names, folders created, port numbers used, etc.) differ from one variant to another, so this is a general description.
When executed, the following actions are performed by this worm:
1. It modifies various Windows Explorer settings, including removal of the "Folder Options" item from all Windows Explorer menus:
Hkey_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
Data: NoFolderOptions = 1
2. It overwrites the file "C:\autoexec.bat" to include the line "pause", so that Win9x and WinME systems pause at each Windows start-up.
3. It drops a copy of itself along with other files into the following locations:
%System%\Administrator's Setting.scr
%UserProfile%\Appdata\BronFoldNetDomList.txt
%UserProfile%\Appdata\csrss.exe
%UserProfile%\Appdata\inetinfo.exe
%UserProfile%\Appdata\Kosong.Bron.Tok.txt
%UserProfile%\Appdata\ListHost8.txt
%UserProfile%\Appdata\lsass.exe
%UserProfile%\Appdata\NetMailTmp.bin
%UserProfile%\Appdata\services.exe
%UserProfile%\Appdata\smss.exe
%UserProfile%\Appdata\Update.8.Bron.Tok.bin
%UserProfile%\Appdata\Update.AN.8.A.Bron.Tok
%UserProfile%\Appdata\winlogon.exe
%UserProfile%\Start Menu\Programs\Startup\Empty.pif
%UserProfile%\Templates\WowTumpeh.com
Note:
%UserProfile% is a variable location and refers to the user's profile folder.
%System% is a variable location and refers to the Windows system directory.
4. It modifies the following registry entries to run at system startup:
HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Run
"Tok-Cirrhatus-3444"
Data: "C:\Documents and Settings\Administrator\Local Settings\Application Data\br7911on.exe"
HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Run
"Bron-Spizaetus"
Data: "C:\Windows\ShellNew\RakyatKelaparan.exe"
5. It modifies the HOSTS file to redirect security-related websites to the address 127.4.7.4.
The following is a brief list of redirected websites:
mcafee.com
nai.com
kaspersky.com
grisoft.com
norton.com
symantec.com
norman.com
trendmicro.com
sophos.com
perantivirus.com
virusalert.nl
antivirus.pagina.nl
virustotal.com
Redirecting traffic for these domains to the local host means the user can no longer browse the web pages belonging to them.
6. When it detects a window whose title contains the string "exe", the worm reboots the machine.
7. It scans for open Network Shares and copies itself into the folders found. The file name becomes the name of the folder into which it was copied.
8. It adds a task to the “Windows Task Scheduler” to execute itself at 5:08 PM every day.
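The HOSTS-file tampering in step 5 is one of the easiest indicators to check for, on a live machine or in a forensic copy. The following Python script is an added detection example, not code from the original write-up: it parses HOSTS-file text, tolerates comments and multi-hostname lines, and reports any entry that sends one of the security-vendor domains listed above (or a subdomain of one, such as www.mcafee.com) to a loopback address. The SAMPLE_HOSTS content is constructed for illustration; the default Windows location used by scan_hosts_file is %SystemRoot%\System32\drivers\etc\hosts.

```python
import ipaddress
import os

# Security-vendor domains the write-up says the worm redirects (step 5).
WATCHED_DOMAINS = {
    "mcafee.com", "nai.com", "kaspersky.com", "grisoft.com", "norton.com",
    "symantec.com", "norman.com", "trendmicro.com", "sophos.com",
    "perantivirus.com", "virusalert.nl", "antivirus.pagina.nl", "virustotal.com",
}

# Constructed sample HOSTS content (not a real capture): the default localhost
# line, a legitimate internal entry, and four vendor domains pinned to 127.4.7.4.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.4.7.4       mcafee.com
127.4.7.4       www.mcafee.com
127.4.7.4       symantec.com
127.4.7.4       kaspersky.com
192.168.10.5    fileserver.corp.example   # legitimate internal host
"""


def parse_hosts(text):
    """Return (ip, hostname) pairs from HOSTS-file text.

    Comments (from '#' to end of line) and blank lines are ignored; one line
    may map a single address to several hostnames.
    """
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        entries.extend((fields[0], host.lower().rstrip(".")) for host in fields[1:])
    return entries


def is_watched(host, watched=WATCHED_DOMAINS):
    """True if host is a watched domain or a subdomain of one (e.g. www.mcafee.com)."""
    return any(host == d or host.endswith("." + d) for d in watched)


def find_redirects(text, watched=WATCHED_DOMAINS):
    """Return (ip, host) entries that send a watched domain to a loopback address.

    Any HOSTS entry for a vendor domain is unusual, but the worm's trait is a
    loopback target (127.4.7.4 lies inside 127.0.0.0/8), so only those are
    reported; an ordinary '127.0.0.1 localhost' line is never flagged.
    """
    findings = []
    for ip, host in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:  # malformed address field, not a usable mapping
            continue
        if addr.is_loopback and is_watched(host, watched):
            findings.append((ip, host))
    return findings


def scan_hosts_file(path=None):
    """Scan a HOSTS file (default: the live Windows one) and return findings."""
    if path is None:
        path = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                            "System32", "drivers", "etc", "hosts")
    with open(path, encoding="utf-8", errors="replace") as fh:
        return find_redirects(fh.read())


if __name__ == "__main__":
    # Demonstrate against the constructed sample rather than the live file.
    for ip, host in find_redirects(SAMPLE_HOSTS):
        print(f"suspicious HOSTS entry: {host} -> {ip}")
```

On a real machine call scan_hosts_file() (or pass the path of a HOSTS file exported from a disk image). A hit on any vendor domain is worth treating as a sign of tampering even if the worm variant uses a different loopback address than 127.4.7.4, which is why the check keys on the 127.0.0.0/8 range rather than that one value.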
Miscellaneous Information:
This worm is written in Visual Basic.
It uses the Windows "Folder Icon" as its icon, to trick users into opening it and thereby executing the worm.
Upon execution, it opens an "Explorer" window in an attempt to hide its process.
To make the dropped files harder to find, their attributes are changed to hidden/system.
It disables Registry editing tools.
Symptoms
Inability to access the security-related websites listed above, due to the modifications made to the HOSTS file
Desktop firewall program alert that a foreign program is trying to access the Internet
Presence of the files/Registry keys mentioned above
Inability to run Regedit.exe
Inability to change the Windows folder options
Method of Infection
This worm, using its built-in SMTP engine, sends itself as an attachment to email addresses harvested from the infected machine.
Removal
A combination of the latest DATs and the Engine will be able to detect and remove this threat. AVERT recommends users not to trust seemingly familiar or safe file icons, particularly when received via P2P clients, IRC, email or other media where users can share files.
Try a free virus scan at trendmicro.com to get rid of it