Posts Comments

Bagle Bot Removal

By admin on March 15, 2010 Leave a Comment

The Bagle Bot is a worm that appeared first in 2004 and has had hundreds of iterations. Many of these iterations have engaged in different kinds of malicious activity. It is also known by the names Beagle, Mitgleider and Lodeight. Bagle Bot reaches user systems via malicious websites on the internet. Once downloaded and installed, Bagle Bot proceeds to create its files and modify registry entries. The primary objective of Bagle is to relay spam emails and send them to unsuspecting users. The spam emails themselves depend on the server they are being relayed from. As soon as Bagle Bot is connected to the internet, it downloads an encrypted configuration file which tells it which servers to communicate with. Bagle also connects to a list of predefined servers and sends information of its status and which port on the computer it is listening to.

Once these actions are completed, Bagle proceeds to listen for connections from remote spam servers and to relay the spam emails received from them. This takes up bandwidth and turns the user’s computer in to a zombie which could be traced as a hacker’s computer, putting the user in trouble. As Bagle bot performs a large amount of unauthorized activity, it is prudent to remove it as soon as you find it on your system.

In order to remove Bagle Bot, it is necessary to stop its process, delete its files and folders and to remove its registry entries. Additionally, genuine antivirus software such as Spyware Doctor with Antivirus can proof to be extremely useful in dealing with this type of malware. However, for manual removal, follow the instructions below in order to completely remove Bagle Bot.

SpyHunter Download

Manual Bagle Bot Removal Guide

The first step in Bagle Bot removal is to stop the following process:

  • wintems.exe

Next, delete the following files and folders:

  • C:\WINDOWS\system32\mdelk.exe
  • C:\WINDOWS\system32\wintems.exe 

Finally, it is necessary to remove the following keys and settings from the Windows Registry:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run german.exe = "C:\WINDOWS\system32\wintems.exe"
  • HKEY_CURRENT_USER\Software\DateTime4

Once the above steps have been completed, your computer is safe from Bagel bot. However, inexperienced users should not attempt to remove Bagle Bot manually as any mistake made during removal could cause damage to the operating system. Therefore, inexperienced users are advised to use a web-based repair service such as http://www.pcninja.com or legitimate antivirus software to safely remove Bagle Bot.

Outside Resources:

http://en.wikipedia.org/wiki/Bagle_%28computer_worm%29

Filed Under: Virus Removal Tagged With: , , , , , , , ,

Speak Your Mind

*

RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.