XBlock By Actiance - Home
Someone Spying on You? Fight Back!
Currently Notice: Undefined variable: incprefix in /data/www/xblock/product_show.php on line 123 25,860,543 Spy Software Busted!
Full Name:
Type: Worm
Also Known As: W32/Bagle-H@mm I-Worm.Bagle.h Win32/Bagle.H W32.Beagle.H@mm WORM_BAGLE.H W32/Bagle.du@MM
Danger Level: 7
Category Description: Virus-like program that spreads automatically to other computers by sending itself out by email or by any other means. A program that propagates itself by attacking other machines and copying itself to the affected machine.

Worms have self-replicating code that travels from machine to machine by various means. A worms first objective is merely propagation. Worms can be destructive depending on what payload they have been given. Worms may replace files, but do not insert themselves into files.
Comment: This email worm will copy itself to a shared folder on your hard drive. For instance this was found in this directory.C:\Program Files\funwebproducts\Shared. Funwebproducts and this worm are UNRELATED. This was just an example as to where we found this.
It will use the following filenames:

windown longhorn beta leak.exe
xxx hardcore images.exe
adobe photoshop 9 fu??.exe
winamp 5 pro keygen crack update.exe
porno screensaver.scr
ahead nero 7.exe
windows sourcecode update.doc.exe
acdsee 9.exe
winamp 6 new!.exe
matrix 3 revolution english subtitles.exe
opera 8 new!.exe

CAUTION: DO NOT delete the file names listed above even if you find them on your computer. Use a cleaning application to identify infection and remove it. You can find a freeware cleaner that picks up this infection at http://www.xblock.com/installer.shtml.
Manual Removal: Delete the exception made by the Worm.
1.Click on "Start" and then Click on "Run".
2.Type in "regedit" then click ok.
3.On the left pane scroll down to
4.On the Right pane right click on "C:\WINDOWS\vcualts32.exe" and click delete.
5.Close the registry editor.
6.Scan using XCleaner.

Back to the list of products removed by X-Cleaner

© Copyright 2003-2011, Actiance, Inc. All rights reserved.   Privacy Policy