Win32:Beagle-HZ [Wrm]

[sudokus]

hello,

virus Win32:Beagle-HZ [Wrm] found in windows\system32\sysformat.exe.
It was "moved to chest" (there was "Recommended action: Move to chest" in the warning window).
Now when I've read the sticky post "Advice&Tools for virus/trojan/malware Removal & Prevention", I know we had to try press "Repair" button.
Looked at http://www.avast.com/eng/avast_cleaner.html, there's no CLEANER for this modification.
What would you recommend as the next steps?

OS: Windows XP Pro SP2 + updates
System restore disabled ages ago

p.s. picture atached

[DavidR]

Leave it in the virus chest, if repair isn't an option (then that option won't be available), e.g. the file is totally malicious as opposed to a windows file that was infected with some virus code, then the only option is to move the file to the chest or delete but can't be repaired. Delete is never a good first option, moving it to the chest was the best option for you, it gives time to investigate and take other actions as required.

There is no rush to delete anything from the chest, they can't do any harm there. Anything that you send to the chest you should leave there for a week or two. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them. Although in this case I dount it is anything other than a virus.

The sysformat.exe is a file associate with Beagle worm ( a google search will show this http://www.liutilities.com/products/wintaskspro/processlibrary/sysformat/

I not sure if this isn't covered by the avast cleaner but it wouldn't hurt to try it, just in case the varients on the web page haven't been updated.

Win32:Beagle [Wrm] (aka Bagle), variants A-Z, AA-AH