Here is another virus that seems to be spreading lately. From the looks of it, it sees to be another email worm. Here is what eset says:
Aliases
Email-Worm.Win32.Bagle.gt (Kaspersky), W32/Bagle.gen (McAfee), Trojan.Tooso!gen (Symantec)
[ad#ad2-right]Win32/Bagle.HE is a worm that spreads via e-mail. The size of its executable is 40565 B .
When executed the worm copies itself in the following locations:
- Documents and Settings\All Users\Application Data\hidn\
hldrrr.exe - Documents and Settings\All Users\Application Data\hidn\
hidn2.exe
In order to be executed on every system start, the worm sets the following Registry entry:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drv_st_key
[ad#ad2-left]It seems to have a manual removal process, Unless you pay for the other software but according to the 411 on PC Security:
Win32/Bagle.HE worm is a “threat” that appears in security scans by fake antispyware WinDefender 2008.
The danger of Win32/Bagle.HE worm is supposed to scare you into wasting $49.95 on WinDefender 2008.
Unless you like getting ripped off, don’t download the software the Win32/Bagle.HE worm popup links to. You’re not really infected with Win32/Bagle.HE worm — you’re infected with scamware that you need to remove.
I’ll show you how to get rid of Win32/Bagle.HE worm and WinDefender 2008, for free.
[via 411 on PC Security]
According to this site you can remove it by doing some steps. I think Kaspersky has an easier way to remove it and it looks like most anti-virus software will remove this. You need to remember that only you can prevent this from the future. You should also update your windows update and make sure your system is up to date.