Event ID - 2556

Port No2556
Service NameW32.Beagle.T@mm
RFC Doc0
ProtocolTCP
DescriptionW32.Beagle.T@mm is a variant of W32.Beagle.R@mm. This worm attempts to send an HTML email to the addresses found in the files on an infected computer. The email does not contain an attachment of the worm. Instead, the HTML email uses the Microsoft Internet Explorer Object Tag Vulnerability that allows for the automatic download and execution of a file hosted on a remote Web site. This file is a copy of the worm, but may change in the future.
The worm also opens a backdoor, starts a Web server on port 81 to serve the worm, and attempts to spread through file-sharing networks by copying itself to folders with "shar" in their names. The worm is also a file infector that appends itself to the .exe files found on the computer.
Reference LinkPort Number:2556 Service Name:W32.Beagle.T@mm Port:TCP
AttackAccording to Symantec

Removal Instructions:
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
1.Disable System Restore (Windows Me/XP).
2.Restart the computer in Safe mode or VGA mode.
3.Reverse the changes made to the registry.
4.Update the virus definitions.
5.Run a full system scan and repair all the files detected as W32.Beagle.T@mm.
6.Obtain the Microsoft HotFix to correct the Microsoft Internet Explorer Object Tag vulnerability.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.