MAC-NETHow toNetwork SecurityVirus ProtectionSpyware ProtectionDownloadReferenceContact
 

Do more with FirefoxNEW

What is a computer virus?

Alert: Computer Virus Outbreaks

AVG Alternative Update URL

AVG Anti-Virus 7 FE

AVG Anti-Virus 7.5

AVG Email Server Edition

AVG File Server Edition

How to - Avoid Getting Infected

How to - Disabling System Restore

How to - Put Windows in Safe Mode

MAC OS X Anti-Virus

Removal of Trojan

Removing File Locked by OS

Stop the virus Ping-Pong

The real thing !

Viruses: Email-borne

Viruses: On-line Scanners
Home » Virus Protection » Alert: Computer Virus Outbreaks » 

Gaobot Computer Virus

Gaobot, is infecting some machines on network causing them to become Spam relays. Use the stinger tool to remove this virus and get unblocked.  In addition, you can download Gaobot Removal Tool NEW!

W32.HLLW.Gaobot.gen is a generic detection that detects variants of W32.HLLW.Gaobot. If your computer is detected as infected with W32.HLLW.Gaobot.gen, download and run the tool. In most cases, the tool will be able to remove the infection.

Removal Instructions for the Gaobot Virus (W32.HLLW.Gaobot) 

REBOOT INTO SAFE MODE WITH NETWORKING - Reboot your computer, holding down the F8 key as it is starting up. This should bring you to a menu of options. Use the arrow keys to navigate to Safe Mode with Networking. Press Enter.

SEARCH HARD DRIVE FOR VIRUS FILES - In Windows NT/2000, go to Start, Search, Find Files or Folders.
In Windows XP, go to Start, Search. Choose All files and folders from the list of options on the left side of the screen.
Search for the following files:

  • scvhost.exe
  • sysldr32.exe
  • svchos1.exe
  • winhl32.exe
  • winhlpp32.exe

If any of the above files are found, delete them.

REMOVE REGISTRY KEYS - Go to Start, Run, and type regedit. Press CTRL-F to "find". Type scvhost and press Enter. If a registry key is found that contains scvhost, delete it. Then, press F3 to "find next". Continue to "find next" until you get a message that says Finished searching the registry.

RUN WINDOWS UPDATE - If asked to install the latest Windows Update software, select Yes.
Click on Scan for updates. After scan is completed, click on Review and install updates. There are three categories of updates available from the Windows Update site:

  • Critical Updates and Service Packs
  • Windows 2000 or XP Updates
  • Driver Updates

You should install all Critical Updates and Service Packs. However, it is not necessary to install Windows 2000/XP Updates or Driver Updates.

Once you have selected the updates you wish to install, click Install Now. Depending on how many updates you are installing, the process may take 5 - 25 minutes. When updates are finished installing, you will be asked to reboot your computer.

UPDATE VIRUS DEFINITIONS - If you have Norton AntiVirus or Symantec AntiVirus, open your anti-virus software and click on the LiveUpdate button to obtain new virus definitions. Definitions dated 10/29/03 rev.7 and later will contain the necessary files for detecting the Gaobot virus.

SCAN HARD DRIVE - Once your virus definitions are up to date, use your anti-virus software to run a full hard drive scan. If any files are quarantined, delete them.

Gaobot Virus in the News:

ALL 360 public schools here have been disconnected from the Ministry of Education's computer network after some machines in several schools were found to be infected with a virus.  To prevent the Gaobot virus from spreading, teachers were told not to turn on their computers yesterday morning - May 2004, Singapore.

The notorious Gaobot computer virus continues to spread across campus. It has infected almost a thousand computers and is responsible for slowing down Stanford network connections.  Last week — some students were unable to access the network at all.  After infection, the Gaobot finds a way to communicate with “Botmasters”, which are probably owned by the author of the virus. These Botmasters instruct the virus how to act.  Because the virus doesn’t cause any other observable complications, the infected computers continue to function and all user data is retained. This is one reason why it is so difficult to detect infected systems. - May 2004, Stanford, USA.

 

commentPost your comment 
Mail this pageMail this page


© 2004-2008. All Rights Reserved.