Removing Win32/Bagle.HE worm

By Paul | Dec 15, 2008

Here is another virus that seems to be spreading lately. From the looks of it, it seems to be another email worm. Here is what ESET says:

Aliases

Email-Worm.Win32.Bagle.gt (Kaspersky), W32/Bagle.gen (McAfee), Trojan.Tooso!gen (Symantec)

Win32/Bagle.HE is a worm that spreads via e-mail. The size of its executable is 40565 B.

When executed the worm copies itself in the following locations:

  • Documents and Settings\All Users\Application Data\hidn\hldrrr.exe
  • Documents and Settings\All Users\Application Data\hidn\hidn2.exe

In order to be executed on every system start, the worm sets the following Registry entry:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drv_st_key

It seems to have a manual removal process, unless you pay for the other software, but according to 411 on PC Security:

Win32/Bagle.HE worm is a “threat” that appears in security scans by fake antispyware WinDefender 2008.

The danger of Win32/Bagle.HE worm is supposed to scare you into wasting $49.95 on WinDefender 2008.

Unless you like getting ripped off, don’t download the software the Win32/Bagle.HE worm popup links to. You’re not really infected with Win32/Bagle.HE worm — you’re infected with scamware that you need to remove.

I’ll show you how to get rid of Win32/Bagle.HE worm and WinDefender 2008, for free.

[via 411 on PC Security]

According to this site, you can remove it by following some steps. I think Kaspersky has an easier way to remove it, and it looks like most anti-virus software will remove this. You need to remember that only you can prevent this in the future. You should also run Windows Update and make sure your system is up to date.
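To check whether the files and Run entry from the ESET description are actually present on a machine, a read-only PowerShell check like the following can be used. This is an added example, not code from ESET or 411 on PC Security; it assumes that "All Users\Application Data" corresponds to the system's common application data folder.

```powershell
# Added example: read-only check for the Win32/Bagle.HE artifacts named in the ESET description.
# Assumption: "All Users\Application Data" maps to the CommonApplicationData folder on this machine.
$expectedSize = 40565                      # executable size in bytes, per the description
$fileNames    = 'hldrrr.exe', 'hidn2.exe'  # copies the worm is described as creating
$runValueName = 'drv_st_key'               # autostart value name under the Run key
$runKeyPath   = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

# "Documents and Settings\All Users\Application Data" on XP; "ProgramData" on later Windows
$commonAppData = [Environment]::GetFolderPath('CommonApplicationData')
$dropDir       = Join-Path $commonAppData 'hidn'

$findings = @()

foreach ($name in $fileNames) {
    $path = Join-Path $dropDir $name
    # -Force so hidden or system files are still returned
    $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
    if ($item) {
        $sizeMatch = ($item.Length -eq $expectedSize)
        $findings += New-Object PSObject -Property @{
            Type     = 'File'
            Location = $path
            Detail   = "size=$($item.Length) B; matches described size: $sizeMatch"
        }
    }
}

# The Run entry is under HKEY_CURRENT_USER, so it is specific to the logged-on account.
$runKey = Get-ItemProperty -Path $runKeyPath -ErrorAction SilentlyContinue
$prop   = if ($runKey) { $runKey.PSObject.Properties[$runValueName] }
if ($prop) {
    $findings += New-Object PSObject -Property @{
        Type     = 'Registry'
        Location = "$runKeyPath\$runValueName"
        Detail   = "data=$($prop.Value)"
    }
}

if ($findings.Count -eq 0) {
    Write-Output 'None of the described Win32/Bagle.HE artifacts were found for this user.'
} else {
    $findings | Format-List Type, Location, Detail
}
```

Run it once under each user account on the machine, since the Run entry is per-user. An empty result only means these specific artifacts are absent; it does not replace a scan with up-to-date anti-virus software.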

  • Which email app do you think is the safest to use? Do you think iMail because Macs are not hit as hard with viruses and worms like PCs? Or it doesn't matter?
  • I think it does matter; you see, sooner or later hackers are going to turn to the Mac because of how APPLE is reluctant to patch the system. I suggest using:
    http://en-us.www.mozilla.com/en-US/thunderbird/...

    They have Linux, Windows, and Mac versions. It is open source so it will be patched really quickly and I always think it is the most secure right now!!! That could change in the future but for right now it is.
  • Thanks! What is your FF so I can subscribe to you?
  • There are so many email worms loose out there.
  • Yep they seem to like to make viruses and spyware. It has to do with operating systems patching KNOWN holes and the hackers want on your so they have to find new ways to do it!!