I’ve been getting a warning on Win32:Brontok-AA worm, in files that do not appear in regular folders, and do not appear even when I turn on hidden files…
The files are
C:\Documents and Settings\All Users\Documents\SharedDocs.exe
C:\Documents and Settings\All Users\Documents\My Videos\My Videos.exe
C:\Documents and Settings\All Users\Documents\My Music\My Music.exe
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\Sample Playlists.exe
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\000A16C3\000A16C3.exe
What should I do since Avast! Home cannot repair them nor delete them completely?? :-\
Why can’t avast delete them, what errors are you getting ?
Possibly file in use, if so then if you have XP or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, Menu, ‘Schedule boot-time scan…’
The my documents folder is a bit of a weird beast and you will only see the my documents folder relating to your USER NAME and NOT the ALL Users one.
avast can’t repair them because there is nothing to repair the complete file is malicious.
I’ve run the boot-scan twice and it detects the files, but they can’t be repaired nor moved to chest. Since I don’t know the files, I select the delete option and it seems that they’re gone, but they return to life and avast detects them again when windows starts up again.
I turned off System Restore for all drives, run Avast! boot-scan, then did an automatic registry clean-up with RegCleaner and RegSeeker, and I’m still getting the Warning on Win32:Brontok-AA [Wrm] by Avast!, for the same files I mentioned.
I also downloaded Bitdefenders Brontok removal tool, but I think it works for Brontok-A variant, since the worm still in the computer…
Logfile of HijackThis v1.99.1
Scan saved at 01:58:10 p.m., on 07/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
There are a number of unknown entries (many relating to your acer notebook ?) that you need to check out (did you install, etc.) using a google search for the file names and fix any that require it.
You don’t appear to have the latest version of Java, you should get the latest one and uninstall the old version.
I finally had to format my laptop… I think I was getting the infection by my workplace’s wireless network. I just stopped wifi-ing with the laptop at work.
Since then I haven’t got any alert, and installed new versions for most of the software, like Java…
Hey there…Im using Avast (Home Edition) from a month now, [P-4 3GHz, 512MB RAM, Win XP MCE] , have the same issue.
Tried the steps mentioned here (scheduled a boot-time scan) deleted those files during that scan…no go.
I keep getting “a virus has been detected” message…i keep clicking on delete…it comes back again…i dont want to format my HDD just because of this…mebbe if thats the only solution, we’ll see…but right now, there must be some solution…
Clean your System Restore folder (disabling it) and your temporary files.
If you search the board for system restore disabling you’ll find a lot of info…