Solved

Trying to clean off W32.BEAGLE.M@mm worm...

Posted on 2004-10-07
5
308 Views
Last Modified: 2010-04-11
Trying to install Norton AntiVirus.  It won't install because it's finding the W32.BEAGLE.M@mm virus.  I've run Stinger, and Symantec's tool to remove the virus.  It won't remove it from the following files:

EXPLORER.EXE
WSCNTFY.EXE
WINUPD.EXE

I believe this is happening because the files are open by the OS.  No matter what I do I can't seem to remove the worm from these files.  

Any suggestions, short of reinstalling the OS.  I was thinking of doing an "inplace install" where Windows replaces all the OS files from the installation disk.  Again, any ideas?

Thanks!!

0
Comment
Question by:CraigSNYC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12255432
Hi CraigSNYC,

Have you checked this ?
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.mo@mm.removal.tool.html

Have you run stinger and other tool in safe mode ?

Have you disabled system restore if you have windows xp ?


SR..
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12255441
http://www.neuber.com/taskmanager/process/wscntfy.exe.html --

Do you have windows xp Sp2 ? As per the above link , go to services and stop security center related service..

Can you not remove this file WINUPD.EXE
going to safe mode ?

open windows
go to start --> run --> msconfig
go to startup tab and disable all applications except firewall and anti-virus
reboot and check if you can remove the virus and delete the files
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12255448
Also do these

Remove temporary internet files, folders and cookies
Also remove windows Temp files going to

1) Start --> run --> typein:  %systemroot%/temp
2) Start  --> run --> typein: %temp%

Scan virus using this online virus scanner : http://housecall.trendmicro.com/ 

SR
0
 
LVL 2

Accepted Solution

by:
kitisak earned 375 total points
ID: 12256008
0
 
LVL 15

Expert Comment

by:Naser Gabaj
ID: 12267410
reboot in safe mode after making sure that you have latest update of NAV, and them make full system scan, remove them and work safe.

regards,

0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question