can't remove brontok - tried everything

Sorry if this is covered elsewhere. I did a search but could only find the same information I already have.

I cannot remove brontok. I have now tried 5 different removal tools (some say there’s no infection and some delete the files only for them to reappear minutes later - often during the scan!).

I have tried 3 avast boot scans with the same results.

I can’t find any of the listed registry entries in my registry (even when I search for parts of the strings).

I’ve tried everything I can think of or find on the net. I don’t know what version of brontok it is as it just says W32 brontok [wrm]. There doesn’t seem to be anything bad happening to my machine apart from avast finding the files in my all users/documents folder every two to three minutes (whether I delete them through avast, manually, or move them to the chest).

Avast is a great tool but why can’t it do anything about this thing?

Please help. It’s driving me round the bend.

Thanks.

Why can’t you remove it, what errors are you receiving ?

What Operating System are you using ? is it up to date ?
What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ? Check the avast! Log Viewer (right click the avast icon), Warning section, this contains information on all avast detections.

The fact that it reappears would indicate there are other elements restoring it or downloading it again.

Do you have a firewall and if so what is it ?

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode.

  1. Ewido, a.k.a. avg anti-spyware If using winXP. or a-Squared free if using win98/ME.

Have you tried this tool:

http://www.bitdefender.com/VIRUS-157247-en–Win32.Brontok.A@mm.html

Try a few rootkit scanners and see if they find anything:

http://www.f-secure.com/blacklight/

http://www.antirootkit.com/software/Panda-Anti-Rootkit-Tucan.htm

Could you post a HijackThis! log for us to look at?

http://www.bleepingcomputer.com/tutorials/tutorial42.html

Have you use this tool?
http://www.compactbyte.com/cav/index.php

p/s: I hope avast will add Brontok virus removal in avast! Virus Cleaner.