Re: W32.Beagle.M@mm
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 03/15/04
- Next message: bri: "Re: W32.Beagle.M@mm"
- Previous message: Veronica Loell: "Re: Deliberate target for virus."
- In reply to: Bri: "Re: W32.Beagle.M@mm"
- Next in thread: bri: "Re: W32.Beagle.M@mm"
- Reply: bri: "Re: W32.Beagle.M@mm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 15 Mar 2004 12:10:00 -0500
Obtain McAfee's virus and worm removal tool, Stinger: http://vil.nai.com/vil/stinger/
{ Stinger covers all variants }
1) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
2) Reboot your PC into Safe Mode
3) Using McAfee Stinger, perform a Full Scan of your platform and clean/delete any
infectors found
4) Restart your PC and perform a "final" Full Scan of your platform
5) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 200 ~ 400MB),
reboot your PC.
6) If you are using WinME or WinXP, create a new Restore point
7) Please report back your results
Dave
"Bri" <anonymous@discussions.microsoft.com> wrote in message
news:d55f01c40aae$2114e020$a501280a@phx.gbl...
| Thanks for your response, yes I was logged in as
| administrator. It took awhile just to get to a login and
| then access to admin rights. I was able to download the
| most recent date files, but this virus code has Norton
| blocked as well as from a dos prompt. I was able to run
| the tool for Fix Beagle, however, it is not for this
| version of the mutated strain...
| Any other ideas?
| Bri
| >-----Original Message-----
| >Bri,
| >>"Typing regedit in the run field does not work"
| >Are you logged in as Administrator?
| ><quote>
| >Terminates the following processes, which include
| antivirus software,
| >processes associated with other worms, and system
| utilities such as
| >**regedit** and netstat.
| ></quote>
| >http://securityresponse.symantec.com/avcenter/venc/data/w
| 32.beagle.m@mm.html
| >http://securityresponse.symantec.com/avcenter/venc/data/w
| 32.beagle.m@mm.removal.tool.html
| >Obtain a copy of Regedit.exe, rename it to Regedit.com,
| copy to floppy,
| >transfer it to the infected machine and try running that.
| >
| >_________________________________________________________
| ___
| >Mike Burgess [MVP Windows Shell\User]
| http://www.mvps.org/winhelp2002/
| >Blocking Spyware, Adware, Parasites, Hijackers, Trojans,
| with a HOSTS file
| >http://www.mvps.org/winhelp2002/hosts.htm [updated 03-09-
| 04]
| >Please post replies to this Newsgroup, email address is
| invalid
| >--
| >
| >"Bri" <anonymous@discussions.microsoft.com> wrote in
| message
| >news:cf2301c40a29$f4f684f0$a401280a@phx.gbl...
| >> My client's machine has this virus. Not only is the
| >> system infected, but his login was corrupted. It took
| >> repeated tries just to get a login and then to safe
| mode.
| >> I followed Symantec's instructions, however, the system
| >> will not allow access to the registry. Typing regedit
| in
| >> the run field does not work.
| >> Has anyone been successful removing this?
| >
| >
| >.
| >
- Next message: bri: "Re: W32.Beagle.M@mm"
- Previous message: Veronica Loell: "Re: Deliberate target for virus."
- In reply to: Bri: "Re: W32.Beagle.M@mm"
- Next in thread: bri: "Re: W32.Beagle.M@mm"
- Reply: bri: "Re: W32.Beagle.M@mm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
