win32Gaobot-367

I was recently (yesterday) infected with win32 Gaobot-367 after having done a reformat and clean xp install. avast found it and infected files deleted. System now after further scans shows a clean system. However and this is the strange problem, when I image my c: drive (with operating system and apps, using Acronis TrueImage Deluxe the resulting image shows that win32 Gaobot has reinfected my image file??? no amount of rescanning (which shows no infection) and re-immaging seems to resolve this problem.

Any advise. I am tearing my hair out (what little is left)

Many thanks
Mike N

hi,
i am sorry to hear that,but i think that your harddisk is damage from that resistence virus !!
I guess you need to buy a new harddisk and install everything again or maybe you can do one thing…
is your pc always direct connected or not?
if it is,you must first plug your modem off from your pc and try then a rebootscan first,and later when xp is running a thorough scan,i don’t know if it will work but you must tryn everything before you buy another HD is it??
see ya,
Micho.

Hi,

have you applied all Windowsupdates ?CHECK !!
have you changed all passwords for WIN ? make them more secure also
if not, gaobot will always return…

→ Please read gaobot descriptions here:
VGREP
Symantec also offers a tool, try it, too

please supply the full message about Gaobot from avast Report/Logs

have you scanned the PC with Onlinescanners from Trend (below) and www.ravantivirus.com ?
:wink:

i am sorry to hear that,but i think that your harddisk is damage from that resistence virus !! I guess you need to buy a new harddisk and install everything again

this is nonsense… (or Bu…it)
:wink:

Thanks “whocares” the links provided are great help. I can understand that infected files would be stored in the restore files, which would then be carried over as an image…

I agree that replacing the HD is not an option and quite frankly quite pointless. If the HD was so badly infected a low level format would sort it out.

Will let you know of the outcome.

Cheers
Mike