New to this.
Problem, cpu chewed up by the above. Before I found the file it was killing all spyware and antivirus software. After stopping the task, Norton comes up clean, every spyware, adware, trogen killer comes up clean. I have run norton on the network comes up clean.
Symantec had instructions to remove (w32hllw.gaobot.ca), wstart32 from reg, and stop the task. Which I did. I found these two files hidden in sys32. I saved a copy to disk and deleted them. Machine seems to run fine now. My concern is, is the infecting file is still hiding? Also, running netstat, there seems to be some ports that are listening ie. 42555, 34012, microsoft-ds, 1029. Anyone have any suggestions?