Unresolved Virus: Gokar worm?

DonkaWechico · Jun 19, 2006

I followed all steps in the Read and Runme. I even ran Bitdefender one more time after I finished all the steps. It seems that there is one virus that I just can't get rid of (the other ones that were detected were false positives, I believe). The remaining virus is called web.exe and a little googling seems to indicate that this is likely the Gokar worm, although I couldn't find "Karen.exe" which is supposed to come along with it.

I haven't experienced any symptoms yet, but I opened a suspicious file and immediately began the anti-malware regimen. I've attached my bdscan and activescan logs. I've also attached a Hijackthis! log just in case.

Thanks for your help! (I'm so sick of being in safe mode )

chaslang · Jun 20, 2006

Welcome to Majorgeeks!

Please follow the directions in step 7 of the READ ME and do not use MSconfig to control startups. You must select Normal Startup. Also as indicated in step 7, HijackThis logs must be post from normal boot mode. Please attach a new log from normal boot mode and with Normal Startup selected via MSconfig.

Is the below something you knowingly installed?
O4 - HKCU\..\Run: [LiveBackground] C:\Program Files\Live Background\LiveBackground.exe

Also what about the below? Did you install this?
C:\Program Files\Time Lapse\deskcam.exe ---> see http://www.2-spyware.com/file-deskcam.exe.html

Do you see the below file? If so, try to delete it. Tell me if you could delete it.
C:\web.exe

Log in or Sign up

Unresolved Virus: Gokar worm?

DonkaWechico Private E-2

Attached Files:

bdscan.txt

Activescan.txt

hijackthis.log

chaslang MajorGeeks Admin - Master Malware Expert Staff Member