?
Solved

Trying to clean off W32.BEAGLE.M@mm worm...

Posted on 2004-10-07
5
Medium Priority
?
312 Views
Last Modified: 2010-04-11
Trying to install Norton AntiVirus.  It won't install because it's finding the W32.BEAGLE.M@mm virus.  I've run Stinger, and Symantec's tool to remove the virus.  It won't remove it from the following files:

EXPLORER.EXE
WSCNTFY.EXE
WINUPD.EXE

I believe this is happening because the files are open by the OS.  No matter what I do I can't seem to remove the worm from these files.  

Any suggestions, short of reinstalling the OS.  I was thinking of doing an "inplace install" where Windows replaces all the OS files from the installation disk.  Again, any ideas?

Thanks!!

0
Comment
Question by:CraigSNYC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12255432
Hi CraigSNYC,

Have you checked this ?
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.mo@mm.removal.tool.html

Have you run stinger and other tool in safe mode ?

Have you disabled system restore if you have windows xp ?


SR..
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12255441
http://www.neuber.com/taskmanager/process/wscntfy.exe.html --

Do you have windows xp Sp2 ? As per the above link , go to services and stop security center related service..

Can you not remove this file WINUPD.EXE
going to safe mode ?

open windows
go to start --> run --> msconfig
go to startup tab and disable all applications except firewall and anti-virus
reboot and check if you can remove the virus and delete the files
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12255448
Also do these

Remove temporary internet files, folders and cookies
Also remove windows Temp files going to

1) Start --> run --> typein:  %systemroot%/temp
2) Start  --> run --> typein: %temp%

Scan virus using this online virus scanner : http://housecall.trendmicro.com/ 

SR
0
 
LVL 2

Accepted Solution

by:
kitisak earned 1500 total points
ID: 12256008
0
 
LVL 15

Expert Comment

by:Naser Gabaj
ID: 12267410
reboot in safe mode after making sure that you have latest update of NAV, and them make full system scan, remove them and work safe.

regards,

0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question