How To Remove The W32.gaobot.cez

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

BleepingComputer.com > Security > Spyware and Malware Removal Guides and Reading Room

How to use the self-help guides

This forum contains self-help guides on removing common malware and viruses. These guides can be advanced so please use them at your own risk.

If after following the self-help guide, or you can not find an appropriate guide, then you can receive step-by-step instructions directly from one of our experts by following the instructions in this topic: Preparation Guide For Use Before Posting A Hijackthis Log

How To Remove The W32.gaobot.cez, Self-Help Guide

Options

Grinler View Member Profile	Feb 15 2005, 12:14 PM Post #1
Bleep Bleep! Group: Admin Posts: 29,870 Joined: 24-January 04 From: USA Member No.: 3	This self-help guide will allow you to remove the W32.Gaobot.CEZ What this program does: A worm that allows your computer to be controlled by a remote attacker using IRC. Tools Needed for this fix: HijackThis Related Tutorials: How to use HijackThis to remove Browser Hijackers & Spyware Symptoms in a HijackThis Log (Maybe different entries but will contain the same domains and hostnames): O4 - HKLM\..\Run: [Ethernet Drivers] ethernet.exe O4 - HKLM\..\RunServices: [Ethernet Drivers] ethernet.exe Removal Instructions: Download HijackThis from the above link and extract it to c:\hijackthis. Print out these instructions. Navigate to the c:\hijackthis directory and double-click on HijackThis When the program starts, double-click on the HijackThis icon and then click on the Scan button. Put a checkmark next to the following entries if they exist: O4 - HKLM\..\Run: [Ethernet Drivers] ethernet.exe O4 - HKLM\..\RunServices: [Ethernet Drivers] ethernet.exe Then click the Fix button Exit HijackThis. Reboot your computer Delete the following files: %SYSTEM%\ethernet.exe Note: %SYSTEM% is a variable that refers to the System folder in your Windows folder. You can use the follow information to determine where your system folder is by default: Windows 95/98/ME: C:\windows\system Windows 2000/NT: C:\Winnt\System32 Windows XP/2003: C:\Windows\System32 Now your computer should no longer be infected with the W32.Gaobot.CEZ infection. It may be possible that you still have some spyware or malware installed on your computer. If you feel this is the case, follow the instructions below to post a HijackThis log and someone will help you to remove the rest. This is a self-help guide. Use at your own risk. BleepingComputer.com can not be held responsible for problems that may occur by using this information. If you would like help with any of these fixes, you can post a HijackThis log in our HijackThis Logs and Analysis forum. If you have any questions about this self-help guide then please post those questions in our AntiVirus, Firewall and Privacy Products and Protection Methods forum and someone will help you. -------------------- Lawrence

« Next Oldest · Spyware and Malware Removal Guides and Reading Room · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 8th January 2009 - 08:17 PM

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Malware Removal Guides