1. Sasser.exe Removed!
2. Welchia.B Worm Removed!
3. W32.Gaobot!inf---This one is the only one that is not being removed no matter what removal tool or process is taken.
Will this work ?http://computercops.biz/postt38030.html&qu...postt38030.html
QUOTE
I worked on a friend's computer for several hours with this variation of the gaobot virus (!inf).
I removed from the registry the entry for Microsoft (or maybe it was Windows?) Update referencing win32.exe in the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
And also delete the file win32.exe in your windows\system32 folder. Odd as it sounds, it is the culprit. Insure you do have a backup of your registry. You may have to delete the file in Safe Mode (I didn't have to). I did notice that the file got cantankerous as I was trying to remove it.. removed first from the registry.. .you then get a window period to remove the file from c:\windows\system32 (path may be slightly different). I also had to manually edit the registry to remove Norton Anti Virus, so I could re-install it. Otherwise it would not enable in the System Tray. Also, I downloaded the Norton AntiVirus definitions ahead of time from a different computer and installed them on the affected computer. (Actually I did this step first, and downloaded Windows Critical Updates and installed as well.)
I removed from the registry the entry for Microsoft (or maybe it was Windows?) Update referencing win32.exe in the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
And also delete the file win32.exe in your windows\system32 folder. Odd as it sounds, it is the culprit. Insure you do have a backup of your registry. You may have to delete the file in Safe Mode (I didn't have to). I did notice that the file got cantankerous as I was trying to remove it.. removed first from the registry.. .you then get a window period to remove the file from c:\windows\system32 (path may be slightly different). I also had to manually edit the registry to remove Norton Anti Virus, so I could re-install it. Otherwise it would not enable in the System Tray. Also, I downloaded the Norton AntiVirus definitions ahead of time from a different computer and installed them on the affected computer. (Actually I did this step first, and downloaded Windows Critical Updates and installed as well.)
Does any one have any ideas or a process that worked for them or someone they know ?