Brontok Virus
Original Message
Name: cleaver
Date: May 9, 2007 at 01:36:25 Pacific
Subject: Brontok Virus
OS: Windows Xp
CPU/Ram: unknown
Model/Manufacturer: unknown
Comment: Hi, my computer was recently infected with the Brontok worm so I downloaded Kaspersky Antivirus and eliminated all the .exe files it created, which were found by the antivirus. My doubt is - does this mean the virus has actually gone? When I open my documents or similar folders, there is no longer the .exe file with the same folder name (as kept happening before) so I guess the situation's improved, but I don't know if the virus is still present in other areas, maybe hidden. I ran the virus checker in all parts of my computer and it doesn't find anything any more. One worry though - if I open the folder WINDOWS/Local configuration it appears that there are no folders or files within it.. however, when I ran the virus check it showed two more folders after this, and runs through what seem like a load of email addresses, but which end in .ini. If I open the folder I am unable to find these folders or files, and I'm worried this is still the virus. Any help would be greatly appreciated if anyone has any experience of this! thanks
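An added example, not part of the original post or of any tool named in this thread: a read-only check for the symptom described above, an .exe that carries the name of the folder it sits in. The function names and the sample folder layout are constructed for illustration, and a match is only a lead to inspect, not proof of infection.

```python
import os
import stat
import tempfile

def is_hidden(path):
    """True if the Windows 'hidden' attribute is set (always False elsewhere)."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    return bool(attrs & getattr(stat, "FILE_ATTRIBUTE_HIDDEN", 0x2))

def find_folder_named_exes(root):
    """Return (path, hidden) for every .exe named after its containing folder."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        folder = os.path.basename(os.path.normpath(dirpath)).lower()
        for name in filenames:
            stem, ext = os.path.splitext(name)
            # Compare case-insensitively, as Windows file names are.
            if ext.lower() == ".exe" and stem.lower() == folder:
                path = os.path.join(dirpath, name)
                hits.append((path, is_hidden(path)))
    return sorted(hits)

def build_sample_tree(root):
    """Create a constructed sample layout (empty files) to scan offline."""
    layout = [
        "My Documents/My Documents.exe",    # matches: same name as folder
        "My Documents/letter.doc",
        "My Documents/Photos/PHOTOS.EXE",   # matches despite different case
        "Tools/setup.exe",                  # ordinary executable, no match
    ]
    for rel in layout:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb"):
            pass

def scan_sample():
    """Scan the constructed tree and return the matching file names."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return [os.path.basename(p) for p, _hidden in find_folder_named_exes(root)]

if __name__ == "__main__":
    for name in scan_sample():
        print("review:", name)
```

To check a real drive, call `find_folder_named_exes` with its root path; the function only reads directory listings and deletes nothing.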
Response Number 1
|
Name: jabuck
Date: May 9, 2007 at 03:52:08 Pacific
Reply: To set up the computer to view hidden files go to start>control panel>folder options>view tab>tick the circle beside "show hidden files and folders" and untick the box beside "hide extensions of known file types" and "hide protected system operating files">apply>ok. Reverse the process to re-hide the hidden files and folders.

Download CleanX-II.exe (a Brontok removal tool) from this link http://www.techsupportforum.com/sectools/CleanX-II.exe then run it and post the log it produces.

Please post a Hijack This log so that the files associated with the virus/spyware/hijacker can be identified. Please download HJTsetup.exe from this link http://www.thespykiller.co.uk/files/HJTsetup.exe to your desktop. Double-click on the HJTsetup.exe icon on your desktop. By default it will install to C:\Program Files\Hijack This. Continue to click "Next" in the setup dialogue boxes until you get to the "Select Additional Tasks" dialogue. Put a check by "Create a desktop icon" then click "Next" again. Continue to follow the rest of the prompts from there. At the final dialogue box click "Finish" and it will launch Hijack This. Click on the "Do a system scan and save a logfile" button. It will scan and the log should open in Notepad. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log and post it in this thread.

Do not fix anything yet unless you know what you are doing. This is a powerful tool that can crash the computer if used improperly.

Please download ComboFix to the desktop from this link: http://download.bleepingcomputer.com/sUBs/ComboFix.exe Double-click combofix.exe. Follow the prompts. (Don't click on the window while the program is running, it may cause your system to hang.) Please post the log it produces.
Response Number 2
Name: cleaver
Date: May 11, 2007 at 09:04:21 Pacific
Reply: Thank you for replying, and so quickly too. I'm sorry I'm a bit ignorant and don't know what the Hijack this and the Combo fix programs are.. what do I actually need to clean my computer, is it all 3 of those things? My comp is not actually hooked up to the Net and I got the virus thru a pen drive, so do I need the Hijack this thing? Also.. I used the bitDefender tool which has enabled my folder options tab again, so I can see the hidden files and folders now. The problem is, I don't know what folders to delete, and the ones I do know are the virus, it won't let me delete, it says access denied. Not sure how to tell 100% if it's gone either! Thanks for ur help
Response Number 3
Name: jabuck
Date: May 12, 2007 at 16:51:46 Pacific
Reply: That virus is very difficult to remove, the CleanX-II tool was designed to remove it and about the best way to do so. Download the tool to a cd then run it on the infected computer. As for Hijack This and Combofix they allow us to see what is running on the computer in key locations. Combofix can automatically remove some baddies while Hijack This is mostly a manual removal tool. Both are extremely good tools. Hijack This can damage your computer if used wrongly.
Response Number 4
Name: cleaver
Date: May 13, 2007 at 11:36:21 Pacific
Reply: Thanku for ur help.. Yeah it's a bugger this one.. I tried downloading the cleanX-II tool to a disk and when I tried to run it it didn't work for some reason. I'll try it with a cd then, maybe that'll work. And the other two, are they not very clear to use then? I need something to get rid of the virus from the windows files as it seems to be where it is. Also, when I bring up the task manager window, it shows dodgy things like winlogon.exe, slrss.exe or whatever it's called working, and if I try and delete them it won't let me. Any advice? thanks