Results 1 to 4 of 4

Thread: Win32.Beovens--How do I get rid of it? > Clean C:\RECYCLER folder

  1. #1
    chauber Guest

    Default Win32.Beovens--How do I get rid of it? > Clean C:\RECYCLER folder

    I unwittingly downloaded Win32.Beovens disguised as a codec installer.
    I understand it is
    a family of downloading trojans.
    ZA keeps on finding and neutralizing it, but how do I eliminate it entirely?
    I've tried TrojanHunter.
    It found the trojan one time and supposedly eliminated it.
    ZA continues to find it, but TrojanHunter does not spot it any more.
    Or should I just continue to let ZA do its work without worrying about the trojan?
    Thank you.

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Internet Security Suite
    Software Version:

  2. #2
    unhappy_viewer Guest

    Default Re: Win32.Beovens--How do I get rid of it?

    Tyr following the steps outlined in this 'sticky' post at the AV forum. You can use the other anti-trojan program mentioned, Ewido, to double check that the trojan is truly gone. Ewido is free and an excellent program:
    http://forum.zonelabs.org/zonelabs/b...essage.id=8814

    Remember to disable System Restore, update your definitions and run your scan in Safe Mode to get the most accurate result.

    Message Edited by unhappy_viewer on 02-21-200612:07 AM

  3. #3
    tony_a Guest

    Default Re: Win32.Beovens--How do I get rid of it?

    I recently had occasion to get rid of Win32.SuperScan which was found by ZA and identified as a trojan. Although I allowed ZA to delete the file, it came back (was found again). The second time I made a note of the path to the executable as listed by ZA, and after allowing ZA to delete it again, I used Windows Explorer to navigate down the noted path and made sure the executable was eliminated.

    When I ran ZA again, it turned up again in the C:\RECYCLER folder. This folder does did not show up in directory tree in Windows Explorer, but when C:\RECYCLER was entered in the address field, it poped up under the Program Files folder. Later investigation revealed that the RECYCLER folder is a nicely hidden folder that actually holds deleted files under a SID folder for each account on the system.

    At the time though, I just wanted to get rid of it off my system, but even from an administrator's account, I couldn't delete it from the RECYCLER folder. After some playing around, I found I could rename it, but nothing would get rid of it. I next tried a utility from System Internals (www.sysinternals.com) called AccessEnum.exe which displays permissions, and I found I could access and delete the offending file within the RECYCLER folder using it.

    After looking up C:\RECYCLER on the Microsoft Knowledge Base, and finding out what it did, I think it is highly likely that I could have gotten rid of the problem file just by emptying the Recycle Bin after ZA deleted it the first time. So, the lesson is: after deleting a file using ZA, empty the Recycle Bin before doing another scan.

    Hope this helps.

    Tony_A

  4. #4
    chauber Guest

    Default Re: Win32.Beovens--How do I get rid of it?

    Thanks, Tony!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Recycler and System Volume Information-Recycler virus
    By anjoy in forum Malware Discussion
    Replies: 6
    Last Post: April 28th, 2010, 06:48 PM
  2. Cant clean worm.win32
    By dwr in forum Malware Discussion
    Replies: 3
    Last Post: January 27th, 2010, 03:36 PM
  3. Replies: 6
    Last Post: May 12th, 2008, 02:04 PM
  4. recycler.exe virus
    By compaddict in forum Security Issues
    Replies: 1
    Last Post: March 28th, 2008, 06:43 AM
  5. Replies: 6
    Last Post: April 17th, 2007, 05:06 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •