Re: W32.HLLW.Gaobot.gen part II

From: etham (etham_at_discussions.microsoft.com)
Date: 11/18/04

Next message: Ivor Jones: "Re: XP accessing 224.0.0.2 - advice please"
Previous message: BostonBill: "Re: ylrwrs.exe rpc attack ????"
In reply to: David H. Lipman: "Re: W32.HLLW.Gaobot.gen part II"
Next in thread: David H. Lipman: "Re: W32.HLLW.Gaobot.gen part II"
Reply: David H. Lipman: "Re: W32.HLLW.Gaobot.gen part II"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 18 Nov 2004 07:29:02 -0800

I asked a friend who is quite the expert with computers. He recommended I use
Kaspersky's AV and the program detected, blocked, and deleted the virus.

P.S. I tried Trend Sysclean before I used Kaspersky. It did not work.
Adaware did not pickup any viruses (although I don't believe thats what it
does)

"David H. Lipman" wrote:

> 1) Download the following four items...
>
> McAfee Stinger
> http://vil.nai.com/vil/stinger/
>
> Trend Sysclean Package
> http://www.trendmicro.com/download/dcs.asp
>
> Latest Trend Pattern File.
> http://www.trendmicro.com/download/pattern.asp
>
> Adaware SE (free personal version v1.05)
> http://www.lavasoftusa.com/
>
> Create a directory.
> On drive "C:\"
> (e.g., "c:\New Folder")
> or the desktop
> (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
>
> Download Sysclean.com and place it in that directory.
> Dowload the Trend Pattern File by obtaining the ZIP file.
> For example; lpt251.zip
>
> Extract the contents of the ZIP file and place the contents in the same directory as
> sysclean.com.
>
> 2) Update Adaware with the latest definitions.
> 3) Disable System Restore
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
> 4) Reboot your PC into Safe Mode
> 5) Using Trend Sysclean, Stinger and Adaware, perform a Full Scan of your
> platform and clean/delete any infectors/parasites found.
> (a few cycles may be needed)
> 6) Restart your PC and perform a "final" Full Scan of your platform using the three
> utilities; Trend Sysclean, Stinger and Adaware
> 7) Re-enable System Restore and re-apply any System Restore preferences,
> (e.g. HD space to use suggested 400 ~ 600MB),
> 8) Reboot your PC.
> 9) Create a new Restore point
>
> You can also try some of the below online scanners.
>
> BitDefender:
> http://www.bitdefender.com/scan/license.php
>
> Computer Associates:
> http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
>
> DialogueScience:
> http://www.antivir.ru/english/www_av/
>
> F-Secure:
> http://support.f-secure.com/enu/home/ols.shtml
>
> Freedom Online scanner:
> http://www.freedom.net/viruscenter/index.html
>
> Kaspersky:
> http://www.kaspersky.com/de/scanforvirus
>
> McAfee:
> http://www.mcafee.com/myapps/mfs/default.asp
>
> Panda:
> http://www.pandasoftware.com/activescan/
>
> RAV
> http://www.ravantivirus.com/scan/
>
> Symantec:
> http://security.symantec.com/
>
> Trend:
> http://housecall.antivirus.com
> http://housecall.trendmicro.com
>
>
> * * * Please report your results ! * * *
>
> Dave
>
>
>
>
> "etham" <etham@discussions.microsoft.com> wrote in message
> news:B8951553-414D-40DC-B3AC-62E46365B49E@microsoft.com...
> | This has been the most resistent virus I've ever encountered.
> |
> | The other night I fired up DC++, a popular P2P program used by my university
> | and upon logging in, I instantly got a warning from Norton telling me I was
> | infected. It tried to repair but it failed. I've done eight scans in
> | safe-mode using VARIOUS types of scanners (AVG, Trend, Panda, Trojan Hunter)
> | but none can even find the virus. I also used the fix tool provided by
> | Symantec but it does not find the virus either. I've disabled my system
> | restore (although I did not do so for the first scan. I was unaware).
> |
> | Any help and suggestions (other than reformating) would be appreciated.
>
>
>

Next message: Ivor Jones: "Re: XP accessing 224.0.0.2 - advice please"
Previous message: BostonBill: "Re: ylrwrs.exe rpc attack ????"
In reply to: David H. Lipman: "Re: W32.HLLW.Gaobot.gen part II"
Next in thread: David H. Lipman: "Re: W32.HLLW.Gaobot.gen part II"
Reply: David H. Lipman: "Re: W32.HLLW.Gaobot.gen part II"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Increasing RAM advice.
... David, Thanks for the advice. ... Found two virus that both Spybot, and Adaware SE missed. ... > 5) Using both the Trend Sysclean utility and Adaware, ...
(microsoft.public.windowsxp.general)
Re: What is the file qaprfc.exe in system32.
... | Norton Anti Virus pro 2004. ... Trend Sysclean Package ... Download SYSCLEAN.COM and place it in that directory. ... Re-enable System Restore and re-apply any System Restore preferences, ...
(microsoft.public.security.virus)
Re: New Virus?
... all packages updated ... There are anti virus News Groups specifically for this type of discussion. ... Trend Sysclean Method 1 ... Download SYSCLEAN.COM and place it in that directory. ...
(microsoft.public.win2000.general)
Re: Java Byte Verify virus
... | I'm having a similar problem as the other people but my AVG virus detector is ... Trend Sysclean Method 1 ... Download SYSCLEAN.COM and place it in that directory. ... Re-enable System Restore and re-apply any System Restore preferences, ...
(microsoft.public.windowsxp.security_admin)
Re: Virus problem
... | screen a open file security warning comes up about a file called svhost.exe. ... What can I do to clear the virus off my machine? ... Trend Sysclean Package ... Download SYSCLEAN.COM and place it in that directory. ...
(microsoft.public.security.virus)