If it (C:\winnt\explorer.exe) is infected, you can extract the original from the i386
directory on the hard disk or CDROM.
Example:
expand d:\i386\explorer.ex_ c:\winnt\explorer.exe
If the partition is FAT32 you can do this in DOS.
If the partition is NTFS, you will have to boot into the Command Console
{ The command console can be installed by executing; d:\i386\winnt32 /cmdcons }
Dave
| Thank you for the suggestion! I hope McAfee's Stinger tool can remove the
| beagle virus, because it after scanning twice with Nortons Beagle removal
| tool, FxBglMO.exe, I still have the virus lingering around. It still
| continues to prevent Norton and Mcaffee services from starting and I cannot
| run Spybot. Norton is able to run in the background in realtime protection
| mode, so I continue to get infected file messages. So basically, the virus
| is still lingering, after scanning 2 times with the fix tool, once with a
| full scan using nortons, and another scan with Trend Micros online scan.
|
| Heres another question I wanted to ask: Norton reports that
| C:\winnt\explorer.exe is infected with the Beagle and cannot be cleaned or
| quarentined. Is this not a major system file? If it can't clean it, what can
| I do? If I delete it, won't the system become unstable?
|
| I will let you know how the McAfee scan works out.
|
| Ryan
|
|
| | > Obtain McAfee's virus and worm removal tool, Stinger:
|
http://vil.nai.com/vil/stinger/
| >
| > 1) If you are using WinME or WinXP, disable System Restore
| >
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
| > 2) Reboot your PC into Safe Mode
| > 3) Using McAfee Stinger, perform a Full Scan of your platform and
| clean/delete any
| > infectors found
| > 4) Restart your PC and perform a "final" Full Scan of your platform
| > 5) If you are using WinME or WinXP,Re-enable System Restore and
| re-apply any
| > System Restore preferences, (e.g. HD space to use suggested
| 200 ~ 400MB),
| > reboot your PC.
| > 6) If you are using WinME or WinXP, create a new Restore point
| > 7) Please report back your results
| >
| > Dave
| >
| >
| >
| >
| > | > | I have recently acquired the W32.Beagle.M virus. After carefully
| following
| > | Symantec's site on the removal procedure, I still cannot get rid of the
| last
| > | of this virus. After trying to delete registry values of it (with the
| name
| > | winupd.exe), I still restarts itself as a process after rebooting. It
| also
| > | continues to block Norton Corporate edition and Mcafee from running
| (BTW,
| > | can you have both Mcafee and Norton installed at the same time)? I have
| > | tried using Symantec's virus removal tool; this cannot get rid of
| everything
| > | either.
| > |
| > | Any suggestions would be appreciated. Thanks!
| > |
| > |
| >
| >
|
|
