[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Trying to clean off W32.BEAGLE.M@mm worm...

Posted on 2004-10-07
5
Medium Priority
?
317 Views
Last Modified: 2010-04-11
Trying to install Norton AntiVirus.  It won't install because it's finding the W32.BEAGLE.M@mm virus.  I've run Stinger, and Symantec's tool to remove the virus.  It won't remove it from the following files:

EXPLORER.EXE
WSCNTFY.EXE
WINUPD.EXE

I believe this is happening because the files are open by the OS.  No matter what I do I can't seem to remove the worm from these files.  

Any suggestions, short of reinstalling the OS.  I was thinking of doing an "inplace install" where Windows replaces all the OS files from the installation disk.  Again, any ideas?

Thanks!!

0
Comment
Question by:CraigSNYC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12255432
Hi CraigSNYC,

Have you checked this ?
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.mo@mm.removal.tool.html

Have you run stinger and other tool in safe mode ?

Have you disabled system restore if you have windows xp ?


SR..
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12255441
http://www.neuber.com/taskmanager/process/wscntfy.exe.html --

Do you have windows xp Sp2 ? As per the above link , go to services and stop security center related service..

Can you not remove this file WINUPD.EXE
going to safe mode ?

open windows
go to start --> run --> msconfig
go to startup tab and disable all applications except firewall and anti-virus
reboot and check if you can remove the virus and delete the files
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12255448
Also do these

Remove temporary internet files, folders and cookies
Also remove windows Temp files going to

1) Start --> run --> typein:  %systemroot%/temp
2) Start  --> run --> typein: %temp%

Scan virus using this online virus scanner : http://housecall.trendmicro.com/ 

SR
0
 
LVL 2

Accepted Solution

by:
kitisak earned 1500 total points
ID: 12256008
0
 
LVL 15

Expert Comment

by:Naser Gabaj
ID: 12267410
reboot in safe mode after making sure that you have latest update of NAV, and them make full system scan, remove them and work safe.

regards,

0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What we learned in Webroot's webinar on multi-vector protection.
An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question