[Stealth]

on my new computer (i installed XP last night) i've got the Gaobot D variant... (it's similar to the MSBLASTER / LOVESAN virus that hit a few months ago)  anyway, i can't install any virus protectors, because somehow it corrupts them, so they can't open.  

i try running Symantek's removal tool, but it says it can't find any viruses... however when i run McAfee's "Free" online virus scan it says it finds multiple infected Gaobot files.

anyone got any hints or suggestions? i've been trying for the last 3 hours

[GeistKrieger]

Id lend ya mcafee but i lost the cd.
Hmm ill do a little research for ya.

[Fractux]

Will it only stop several "major" brand products from installing?

What about AntiVir, or SVG? Does TrendMicro's Housecall not work either?

[Bobboau]

well if you only instaled XP last night, just install it again and be sure to install you anti-virus stuff before your network stuff

[Stealth]

Just did that... here's what i did:

Formatted NTFS (1 partition, "quick"). installed Windows Professional.

i didn't do anything else (didn't go online or anything...) except installing the motherboard drivers (for the NIC, integrated sound, USB, etc.)... i then popped in the McAfee CD, and installed McAfee.  i then popped in another CD with the latest mcafee patch.  i installed the patch successfully.  then i tried opening McAfee.  it opened, but after a few seconds it just shut down completely.  i tried it again,... same thing.  

this is exactly what happened before the second install of XP (when i first posted this topic)... i know i had a virus, but the signiture files and stuff i downloaded wouldn't remove it, and i can't install any (yeah, i've tried three) anti-virus software without it completely shutting down (crashing) after a few seconds of having it open.  

i'm about to (as advised by my friend) just do a complete low-level of the drive, but there's got to be something else that's wrong!

Oh, and for the record i installed all 'critical' security updates in Windows Update (all 31 MB of it)

[Fractux]

Are you installing XP and SP1 and your antivirus software with your computer unplugged from your network?

Unless you are behind a firewall, you should do that, other wise the chances of your machine getting infected are extremely high. If you don't have an external firewall... keep your computer unplugged from the network, activate WinXP's firewall, and then download your updates.

[edit]

I was just reading about some info , so you can scratch what i said before.here

They go through a run down of how to remove the virus... here's the brief info... click on the link for detailed info.

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

   1. Disable System Restore (Windows Me/XP).
   2. Update the virus definitions.
   3. Do one of the following:
          * Windows 95/98/Me: Restart the computer in Safe mode.
          * Windows NT/2000/XP: End the Worm process.
   4. Run a full system scan and delete all the files detected as W32.HLLW.Gaobot.BF.
   5. Reverse the changes that the Trojan made to the registry.

For details on each of these steps, read the following instructions.

[Sandwich]

Burn a Knoppix disc and boot off that, then run a Linux virus proggie?

[Windrunner]

try using this removal tool from Avast.

http://www.avast.com/i_idt_171.html

[Arc]

I agree with Fractux - make sure you don't plug in the network cable until after you've got your anti-virus installed. Varients of this virus are capable of spreading through Windows' default administrative network shares so you're probably getting re-infected as soon as you bring up your network card. If that's what's happening, you should run your anti-virus on any other pcs connected to your local network as they could likely be infected as well. Using a bootable cd or (read-only) floppy with AV that supports NTFS would let you avoid reinstalling. Mcafee has a "Rescue Disk", but it doesn't support NTFS. Quote from the user guide: "It is unnecessary for NTFS partitions."

If that doesn't help, check the install, update and driver files on your cds in case it's possible one of them got infected before you used them.