Solved

w32.hllw.gaobot.gen virus on our network

Posted on 2004-09-20
6
208 Views
Last Modified: 2010-04-14
I have just been notified that our network is infected with w32.hllw.gaobot.gen virus.  I have downloaded the removal tool but wondering...if I run this tool on my systems that have been disconnected from the network, and load the MS patches on them will this in fact take care of the virus or will my systems become re-infected again?  Please hurry with a response!  Thanks so much!!!  SCUD1
0
Comment
Question by:SCUD1
  • 3
  • 2
6 Comments
 
LVL 4

Accepted Solution

by:
envoguecomputers earned 125 total points
ID: 12107360
You seem to have it right. Disconnect all of the network computers from the network, apply the removal tool and whatever related patches there are and once you've finished doing this to all of them, reconnect them to the network!

You should maybe check for spyware as well. Go to www.download.com and search for ad aware. Download Ad Aware Se Personal and run that on the infected systems as well.
0
 
LVL 1

Expert Comment

by:computermaster_z
ID: 12107716
   First,update your scan engine to the newest.
    Second,you must to scan all of your PC(in your LAN),and I recommend you scan your PC in Safe mode,and disconnect network.
    Third,apply all of Microsoft's patch.
    In the end,witch Antivirus software was installed?
    Good lucky!
0
 

Author Comment

by:SCUD1
ID: 12107747
We are running Symantec Corporate Ed.  My servers are all fine...they have been update on a regular basis but ran the removel tool just in case.  The results came back clean.  I'm curious as to how this got past our firewall, and symantec?  Unless someone brought it in from another source...floppy disk or cd.  Anyway...I appreciate your help.  I will start on this right away as we have 380 workstations in our network.  Long night ahead of me!!!  Oh yeah...can you help me with one more thing?  How do I get MS updates to save to a cd?  Silly question, I know.  New at this!!!
Thanks so much!!!
SCUD1
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 4

Expert Comment

by:envoguecomputers
ID: 12107770
You can download the updates from the download section of www.microsoft.com and select Save to disk, then burn them to a CD! You'll just need the update number (Q with 6 digits)
0
 

Author Comment

by:SCUD1
ID: 12107874
Thank you so much for your help.  I will attempt to close out this question so that you can receive your well deserved points.  Thanks again!!!
SCUD1
0
 

Author Comment

by:SCUD1
ID: 12118212
Ok...I have disconnected the workstation from the network, ran the removal tool, installed the two patches the removal is calling to be installed, rebooting the computer, reconnecting to the network, getting onto the internet and just to be sure I disconnected the workstation from the network and ran the tools once again only to find out the workstation is still infected or reinfected.  What is it that I need to do to get rid of this thing?????  I'm totally desparate now!!!!
SCUD1
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Syteline and a new domain controller 4 694
Images sometimes not printed 6 467
Corrupted W2K  serverregistry 2 144
Windows Foriegn Disk 3 128
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
A Short Story about the Best File Recovery Software – Acronis True Image 2017
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video discusses moving either the default database or any database to a new volume.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now