Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bagle infection removal tool


  • Please log in to reply
10 replies to this topic

#1 achek

achek

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wonderland
  • Local time:07:51 AM

Posted 16 June 2015 - 04:07 PM

Hi Everyone.Can someone help me with a suggestion of removal tool for Bagle infection(Bagle virus.) ?

I`ll ppreciate all suggestions, thanks :)


Edited by hamluis, 16 June 2015 - 04:52 PM.
Moved from Gen Sec to AV/AM Software - Hamluis.


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:51 AM

Posted 16 June 2015 - 04:10 PM

Symantec seems to have a tool specially designed to remove Bagle infection.

https://www.symantec.com/security_response/writeup.jsp?docid=2004-011916-0524-99

However, I would not count on it to clean the infection at 100% and bring this issue in the malware removal area.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 achek

achek
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wonderland
  • Local time:07:51 AM

Posted 16 June 2015 - 04:15 PM

Thanks a lot, Aura :) I`ll try Symantec`s tool :)


Edited by achek, 16 June 2015 - 04:16 PM.


#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:51 AM

Posted 16 June 2015 - 04:16 PM

The Bagle worm is a rather old infection dating back to 2004... most modern AVs should be able to detect and remove this worm just fine - no need for a removal tool.

#5 achek

achek
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wonderland
  • Local time:07:51 AM

Posted 16 June 2015 - 04:23 PM

Yes indeed

 

The Bagle worm is a rather old infection dating back to 2004... most modern AVs should be able to detect and remove this worm just fine - no need for a removal tool.

 

But The infected PC has XP SP2 and has not AV, so this kind of threat can`t let me to install AV to desinfect it. I`ll try Safe mode with networking and a symantec tool...

Cheers to all :)


Edited by achek, 16 June 2015 - 04:23 PM.


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:51 AM

Posted 16 June 2015 - 04:26 PM

If the Symantec tool doesn't cut it, like I said, your best bet would be to get this computer cleaned up in the malware removal area, this way a professional will assist you.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 hamluis

hamluis

    Moderator


  • Moderator
  • 55,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:51 AM

Posted 16 June 2015 - 04:59 PM

FWIW:  http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=Win32%2fBagle .

 

Louis



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:51 AM

Posted 16 June 2015 - 06:47 PM

Symantec's removal tool was not very effective with the Bagle worm when it was active years ago.

If you need individual assistance with malware infection, you should start a new topic in the Am I infected? What do I do? forum

OR follow the instructions provided in the Malware Removal and Log Section Preparation Guide starting at Step 6.
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.
If you choose to post a log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team. After doing that, please reply back in this thread with a link to the new topic so we can closed this one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 achek

achek
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wonderland
  • Local time:07:51 AM

Posted 18 June 2015 - 03:34 PM

Thanks to all of you, I appereciate your help. The computer is clean now :)



#10 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:51 AM

Posted 18 June 2015 - 04:13 PM

Good to know achek, you're welcome :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:51 AM

Posted 18 June 2015 - 05:39 PM

:thumbup2:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users