virus help

[RSO 34]

A version of the Beagle mm virus got onto one of my home computers and I initially received a confirming pop up that the anti virus software removed it. I downloaded and ran the Symantec fix-it patch and it stated that Beagle was not on the machine.

However, my computer is still trying to send out mass emails that are being blocked by my email server but I cannot seem to get it to stop those attempts. Also, I cannot open my Norton software and run a full scan.

I turned off my XP system recovery while I did all of that and then restored it but nothing is stopping these mass mailing attempts despite confirmation that the virus has been removed.

Any suggestions?

 

[lemansnsx]

Follow the manual removal instructions at the Symantec security response page. If that doesn't work then I would suggest trying the online virus scan at trendmicro.com - look for the link to "Housecall".

 

[RSO 34]

Thanks for the tip.

I ran the online scan and found a different virus and deleted it. I also downloaded the latest beagle fix and supposedly corrected the problem. However, it is still trying to send out mass emails, won't let me run Norton and won't let me open AOL.

 

[lemansnsx]

Thanks for the tip.

I ran the online scan and found a different virus and deleted it. I also downloaded the latest beagle fix and supposedly corrected the problem. However, it is still trying to send out mass emails, won't let me run Norton and won't let me open AOL.

Okay, go to subratam.org and to the removal tools page. Get a copy of HijackThis, expand the zip file to a new folder on your C: drive, preferably C:\HJT. Run the HijackThis.Exe file, run the scan, save a log, mail me the log file at aph"at"swissinfo"dot"org and we'll see what's running that shouldn't be.

 

[RSO 34]

I sent it in a PM because I didn't want to take the chance of opening an email program and risk a further mass dissemination of the virus to everyone in my address book.

Thanks for your help!

p.s. and thanks to Jadkar (as usual) for spending the last 2 hours on the phone with me trying to resolve this problem. It seems that Symantec is still trying to get a handle on this one since they just updated their security report again tonight after I first posted this thread. Now they say it is "moderate" difficulty to remove when it was supposed to be "easy" when I started. I anticipate it will be upgraded again later if my experience is common.

 

[NeoNSX]

If anyone else has the Beagle virus, or is concerned that they might, you can download a free removal tool from here:

http://securityresponse.symantec.com/avcenter/FxBgleMO.exe

 

[lemansnsx]

If anyone else has the Beagle virus, or is concerned that they might, you can download a free removal tool from here:

http://securityresponse.symantec.com/avcenter/FxBgleMO.exe

Neo - this one is new - just discovered yesterday according to Panda. He'd already tried the tool - looks like Symantec have not updated it for this variant.

Robert - see my last PM.

 

[NeoNSX]

Neo - this one is new - just discovered yesterday according to Panda. He'd already tried the tool - looks like Symantec have not updated it for this variant.

ahh... they are releasing them so rapidly now that many viruses have their source code leaked onto the net. It's just crazy trying to keep up with the latest.

 

[RSO 34]

SUCCESS!!!!!!!!!!!!!!

The suggestions by Lemansnsx proved to be right on the money. That symantec repair does not work (at least not as of tonight) and it took the last 6 1/2 hours to fix it.

Fortunately, thanks to the efforts of Lemansnsx and Jadkar my computer is up and running again. Hopefully, Symantec and the others will update their repair patches asap because this was one pain in the a** virus.

Thanks again for your help!!!!!!!!!!

 

[Ether]

I've followed the advice on this thread (good thread by the way) and I still don't know whats wrong on my computer. I think I may have a virus, sometimes I cannot open programs on my computer. After working fine, all of a sudden I can't really do anything else, not to mention the zillion pop-up ads I receive daily. Another thing that happens is some words on any given website will be highlighted so you can click on them as a link. Its kind of annoying when a lot of words are highlighted (car, money, etc.. etc...) I did the trendmicro.com scan and it did pick up some things it said were virus' but one it would not delete, an error message came up saying unable to delete, this program is currently in use, or something to that effect. I also did the hijackthis scan and saved it if anyone is willing to look at it for me. Sorry, I don't know much about computers......
I also downloaded ad-aware, but it seems that I could run that program every 2 minutes and it will pick up new stuff even though I keep deleting everything it brings up. Any suggestions?

 

[lemansnsx]

Syonara: some spyware is very tough to get rid of. At a minimum you need to run Spybot Search&Destroy, AdAware, and HijackThis. The first two need to be kept updated and run regularly the last one should only be used with expert guidance. There are a couple of other tools for specific problems that, again, should only be run with expert guidance. Post again if you need more help.

 

[PHOEN$X]

Sean, if you want local help give me a call or bring your computer over.