Hi. Avast has discovered a variation of the Brontok worm called Win32:Brontok-CE in several places under the path C:\Documents and Settings\All Users\Documents…

I can’t find much information on this particular variation with a Google search and have had a lot of trouble finding a method of removing this worm. I’ve tried a couple of things over the past 2 days (can’t even remember all the software I ran) without any luck.

Avast doesn’t seem to clean it out and I’m hoping someone might be able to offer some help?

I’m running XP SP2. Avast is up to date (since it found the worm in the first place). Any suggestions? Thanks in advance.

Hi, welcome to the forum.

If you open the avast log viewer can you see the full path and name of the file? You may have to expand the colums by sliding them sideways.

Is the file in the chest?

No. Every time I try to move something to the chest or delete it, it’s regenerated by the worm. Since yesterday, I ran Trend Micro’s Housecall over the machine and Avast has been quiet ever since. I’m not sure whether the worm was fully removed, as Trend Micro’s website doesn’t seem to acknowledge this variation of Brontok/Rontokbro. I guess it’s “problem sorted” until avast starts screaming at me again.

Hi Nomad71,

Download the brontok removal tool from here:
http://adwarealert.com/setup.php

polonus