 Mdelk.exe / Worm_bagle.ko, How to remove this any help pls? |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
When posting your problem, do not run and post a ComboFix logs. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.
To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.
  |
 Feb 26 2008, 08:18 PM
Post
#1
|
|
|
New Member  Group: Members Posts: 1 Joined: 26-February 08 Member No.: 192,777  |
So My only chance was an online webscanner (trendmico housecall), that did found the following: Worm_Bagle.ko (c:\windows\system32\mdelk.exe) was infected troj_generic troj_proxydis.A win32\dnet trzdnet.drop trojan.win32.disntnet6656 (c:\windows\system32\iosdt\iosdt.com) (was infected) most were cleared BUT the mdelk.exe still can't be removed! it keeps installing itself. I managed to remove it for a while with the AD-AWARE since it gave me the option to remove it after reboot. But immediately after it was removed and the windows xp media centre started again, a window saying "select file to crack" was loaded again, then i relised from where the infection came from and deleted this program (as described earlier in the beginning of the problem) until now i have these two files that contain mdelk: C:\Windows\Prefetch\MDELK.EXE-0EF461CE.pf C:\Windows\System32\mdelk.exe (the icon of the mdelk.exe file is like a bunch of 3 keys) Can anyone please help me on how to kill this process from being born again? thankyou This post has been edited by duhhan: Feb 26 2008, 08:30 PM |
 |
 
|
|
Feb 28 2008, 05:26 PM
Post
#2
|
|
 The Bookworm Group: Moderator Posts: 12,837 Joined: 14-July 06 From: Bloomington, IN Member No.: 76,150 |
Hello duhhan and welcome to BC
 Can you tell us the name of the "program" your friend sent you? What is your operating system: Windows XP, Vista, etc.? Do you have any other security programs installed? If so, what are they? Orange Blossom 
-------------------- Orange Blossom An ounce of prevention is worth a pound of cure ESET NOD32, SuperAntiSpyware Pro, SpywareBlaster, Spybot 1.6.2.46, WinPatrol Plus, Sunbelt Personal Firewall - Full, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 4th July 2009 - 03:36 AM |
© 2003-2009 All Rights Reserved Bleeping Computer LLC.