Topic: Worm removal - Win32:VB-AQN

jim

  • Guest
Worm removal - Win32:VB-AQN
« on: September 11, 2006, 10:47:03 PM »
I haven't been infected for years so my removal skills are non-existent.  Avast Home on-access scanner first discovered this infection in a file in the X1 desktop search folder: bszip.dll.  I understand bszip.dll is a common zip utility.  Avast was unable to clean it and I have been unable to delete the X1 folder (or remove the program) because the computer reports that I don't have sufficient privileges.  An attempted scan of that folder by Avast failed because Avast reported that the folder doesn't exist.  I am currently doing a thorough scan of the entire drive, but I wonder what the next step is.  My next step is a boot scan. Can someone recommend a how-to if I need to do more?  Thanks.

Jim

I'm using WinXP Pro (up to date)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34065
  • malware fighter
Re: Worm removal - Win32:VB-AQN
« Reply #1 on: September 11, 2006, 11:01:10 PM »
Hi jim,

Here is the technical info on this worm:
http://www.sophos.com/security/analyses/w32brontokbh.html

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67183
Re: Worm removal - Win32:VB-AQN
« Reply #2 on: September 11, 2006, 11:10:55 PM »
A boot-time scan is not bad.
Maybe using ewido and a-squared in the Admin account will be good too.
There is a possibility (in my opinion) of this detection being a false positive.
Can you submit the file to on-line scanners?
Jotti
Trendmicro
Virustotal
ewido
The best things in life are free.

Offline polonus

Re: Worm removal - Win32:VB-AQN
« Reply #3 on: September 11, 2006, 11:22:28 PM »
Hi Tech,

That was also the reason for giving the technical detail, so jim can establish for himself whether this is real or an FP. The latter was crossing my mind also, but better make sure once and for all.
If uploading reveals that there is an FP involved, he should send the file to avast.

polonus
« Last Edit: September 11, 2006, 11:44:19 PM by polonus »

Offline Lisandro

Re: Worm removal - Win32:VB-AQN
« Reply #4 on: September 11, 2006, 11:31:32 PM »
Hi Tech, That was also the reason for giving the technical detail, so jim can establish for himself whether this is real or an FP. The latter was crossing my mind also, but better make sure once and for all. If uploading reveals that there is an FP involved, he should send the file to avast.
Yeah, you're fully right  8)