Removing Win32/Bagle.HE worm
Here is another virus that seems to be spreading lately. From the looks of it, it sees to be another email worm. Here is what eset says:
Aliases
Email-Worm.Win32.Bagle.gt (Kaspersky), W32/Bagle.gen (McAfee), Trojan.Tooso!gen (Symantec)
When executed the worm copies itself in the following locations:
- Documents and Settings\All Users\Application Data\hidn\
hldrrr.exe - Documents and Settings\All Users\Application Data\hidn\
hidn2.exe
In order to be executed on every system start, the worm sets the following Registry entry:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drv_st_key
Win32/Bagle.HE worm is a “threat” that appears in security scans by fake antispyware WinDefender 2008.
The danger of Win32/Bagle.HE worm is supposed to scare you into wasting $49.95 on WinDefender 2008.
Unless you like getting ripped off, don’t download the software the Win32/Bagle.HE worm popup links to. You’re not really infected with Win32/Bagle.HE worm — you’re infected with scamware that you need to remove.
I’ll show you how to get rid of Win32/Bagle.HE worm and WinDefender 2008, for free.
Stop botnets in its tracks With a Firewall!
According to PC World and I’ll quote:
According to FireEye chief scientist Stuart Staniford, detection rates are so poor that, on average, only around 40 percent of security software can detect binaries during the period of greatest infectivity and danger, namely the first few days after a particular variant starts being used by botnet builders.
[via PC World]
In a recent virus storm, We have people finding my site because of a Good Firewall. No if he didn’t have anything but Windows firewall then it would of gotten through and you would not of known about it. So let’s talk about how to prevent botnet attacks. This is relatively easy and if you follow some common rules. You to could be less likely to be infected. I will say this most people don’t do these common tips and they should do them.
