Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Beagle-AHD (WRM), Beagle-AMY (RTK), Beagle-AAW (TRJ)


  • Please log in to reply

#1
Tolerant

Tolerant

    New Member

  • Member
  • Pip
  • 1 posts
Hi, I am posting for a friend who is infected and unable to establish an internet connection now. We are a little unsure how to proceed as he can not get to the web and lives in another state. Some hopefully helpful information follows:

He is running Windows 7 x64 bit. Using Avast 4.8 which the infection has mostly disabled although it does allow a manual scan and deleting files but he is not able to use the virus chest because that service has been disabled. He has also tried to system restore back a few days with no success as the restore would not fully complete. And of course Avast will not do a boot time scan on a 64 bit operating system (we just found out).

So far he found one virus that he deleted and after that remote access would not work, and upon rebooting, all internet access was non functional. Since then he has also found:
C:\Windows\mdelk.exe
Win32:Beagle-AHD (WRM)

C:\Windows\syswow64\srosa2.sys
Win32:Beagle-AMY (RTK)

C:\Windows\syswow64\wfsintwq.sys
Win32:Beagle-AAW (TRJ)

He did try to delete the AHD file but is still scanning when he discovered the AMY variant and AAW.
Now on the phone with him and he is going to try to Delete them because that is the only option Avast is allowing him.

Restoring internet access and getting the PC back to a working state is what we hope to achieve without restoring to a full partition wipe if possible. I have downloaded the guide to cleaning you offer on this site, and the tools listed and will snail mail them to him if we can make no progress. His level of computer experience is beginner which makes this all the tougher.

Is there a risk of further infection if he plugs in an external hard drive to move his photos offline before formatting, if that is the route he chooses? He is concerned because his external USB harddrive stores his music backups and family photos.

As of this time, he did delete those three mentioned above via Avast manual scan. Upon rebooting, internet access still disabled, and avast is still not protecting anything in real time.

Any advice would be appreciated, thank you.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP