W32.HLLW.newbio virus

Original Message
Name: Cory
Date: May 29, 2003 at 12:05:16 Pacific
Subject: W32.HLLW.newbio virus
OS: Microsoft Windows 2000 se
CPU/Ram: Amd Athlon /261,664 KB RA
Comment:

(We run our own networks and servers as well as e-commerce. I need to stop this before it finds a way to spread to our servers.)
I work at a computer shop in TX, and our front desk computer is having a problem with a virus called W32.HLLW.Newbio. It ended up taking the computer down after several failed attempts with Symantec's virus removal software (I run Norton 2003 with all new updates). Initially I just fdisked the computer and reinstalled Windows, but the virus came back once again and even harder. I once again tried to run the removal software, but no virus was found. The virus ended up taking down the computer once again, so I did a low-level format on the hard drive. Once that was completed, I attempted to reinstall Windows, but it would not read the CD, so I went into the BIOS to check the boot order. I replaced the network card and Windows was installed with no problems. Once Windows was working properly again, I changed the IP address, the subnet mask, the gateway, and the DNS main and secondary. While working on a website, Norton sent me a message saying Backdoor.Dvldr has attempted to enter the system but has been stopped and deleted. My questions are: 1. How did the virus find its way back onto this computer after everything was erased? 2. How do I get rid of this problem once and for all?




Response Number 1
Name: Setter
Date: May 29, 2003 at 12:12:56 Pacific
Reply:

Backdoor.Dvldr was discovered on March 08, 2003 and is a backdoor Trojan that gives a hacker unauthorized access to your computer. The worm, W32.HLLW.Deloder, installs this Trojan. See the following Symantec Security Response: http://securityresponse.symantec.com/avcenter/venc/data/pf/backdoor.dvldr.html



Response Number 2
Name: Setter
Date: May 29, 2003 at 12:34:52 Pacific
Reply:

This site http://www.canada-av.com/sensible/home.nsf/a64058508e765d31852568c90012f088/c2e6210f37a759fc85256ce40064b094?OpenDocument says: The worm attempts to copy and execute itself on remote systems via accessible network shares. This worm uses TCP port 445, also known as the Microsoft-DS port, to connect to remote machines. The worm tries to connect to the IPC$ share using the following passwords: (see above site)

So you should do the following:
- Close port 445
- Stop network sharing
- Change your password to something else

If you're on an internal network, the chances are it has wormed its way into other computers.


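A way to check the "close port 445" step and the "wormed its way into other computers" concern from the reply above, as an added example that is not part of the original thread: it parses Windows `netstat -an` output and reports whether TCP 445 is still listening and how many distinct hosts the machine is contacting on 445. The function name `audit_port_445`, the `fanout_threshold` value and the sample output are assumptions made for illustration.

```python
import re

# Constructed sample of Windows `netstat -an` output (not from the thread).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1045      192.168.1.31:445       SYN_SENT
  TCP    192.168.1.20:1046      192.168.1.32:445       SYN_SENT
  TCP    192.168.1.20:1047      192.168.1.33:445       ESTABLISHED
  TCP    192.168.1.20:1048      192.168.1.34:445       SYN_SENT
  TCP    192.168.1.20:1050      192.168.1.5:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

# One TCP row: protocol, local addr:port, foreign addr:port, state.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\S+)\s*$")


def audit_port_445(netstat_text, fanout_threshold=3):
    """Summarise TCP 445 activity found in `netstat -an` text.

    fanout_threshold is an assumed tuning value: the number of distinct
    remote hosts contacted on 445 that is treated as worm-like spreading.
    """
    listening = False
    remote_hosts = set()
    for line in netstat_text.splitlines():
        match = ROW.match(line)
        if not match:
            continue  # headers, UDP rows, blank lines
        _local_ip, local_port, remote_ip, remote_port, state = match.groups()
        if local_port == "445" and state == "LISTENING":
            listening = True  # the share service is still reachable
        elif remote_port == "445" and state in ("SYN_SENT", "ESTABLISHED"):
            remote_hosts.add(remote_ip)  # this machine is reaching out on 445
    return {
        "listening_445": listening,
        "outbound_445_hosts": sorted(remote_hosts),
        "possible_spreading": len(remote_hosts) >= fanout_threshold,
    }


if __name__ == "__main__":
    for key, value in audit_port_445(SAMPLE_NETSTAT).items():
        print(f"{key}: {value}")
```

Run it against the saved output of `netstat -an` from each machine on the internal network, before and after the three steps above.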

Response Number 3
Name: Setter
Date: May 29, 2003 at 12:43:25 Pacific
Reply:

Man I wish I could edit.

Anyway "OpenDocument" is part of the above URL, and yes you did say you are on a network.

