
W32/Bagle.B

W32/Bagle.B is a mass-mailing worm and a variant of W32/Bagle.A. It infects Windows systems and spreads through email.

It arrives with the following subject:

ID <random characters> thanks

The infected email carries spoofed 'From' and 'To' addresses picked at random from the infected system. The body of the infected mail is:

Yours ID <random characters>

It carries the following infected attachment:

<random characters>.exe

Upon execution of the attachment, the worm copies itself as au.exe to the Windows System folder. It also alters the Windows registry at the following location so that it loads at the next startup:

HKEY_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

To propagate, the worm scans files with the following extensions and collects the email addresses it finds on the infected system:

.wab, .txt, .htm, .html

The worm uses its own SMTP engine to mail itself to these addresses. The worm also opens TCP port 8866 for remote connections.
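
A triage check for the two host indicators above that are visible in command output (a listener on TCP 8866 and a Run entry pointing at au.exe), given here as an added example that is not part of the original advisory. It assumes the input is saved text from `netstat -ano` and `reg query`; the sample lines and the value name `ExampleEntry` are constructed, and matching the Run key under any hive is an assumption.

```python
import re

WORM_PORT = 8866      # TCP port the page says the worm opens
WORM_FILE = "au.exe"  # copy the page says is dropped in the Windows System folder
RUN_SUFFIX = r"\software\microsoft\windows\currentversion\run"

def listening_tcp_ports(netstat_text):
    """Map port -> PID for TCP listeners in `netstat -ano` output."""
    ports = {}
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0].upper() == "TCP" and f[3].upper() == "LISTENING":
            ports[int(f[1].rsplit(":", 1)[1])] = int(f[4])
    return ports

def run_key_values(reg_text):
    """Yield (key, name, data) for string values under any ...\\CurrentVersion\\Run key."""
    key = None
    for line in reg_text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip()
        elif key and key.lower().endswith(RUN_SUFFIX):
            m = re.match(r"\s+(.+?)\s+REG_(?:EXPAND_)?SZ\s+(.*)$", line)
            if m:
                yield key, m.group(1), m.group(2).strip()

def triage(netstat_text, reg_text):
    """Return findings matching the two host indicators named on the page."""
    findings = []
    ports = listening_tcp_ports(netstat_text)
    if WORM_PORT in ports:
        findings.append(f"TCP {WORM_PORT} listening, PID {ports[WORM_PORT]}")
    # Match the file name as a whole path component so "beau.exe" is not flagged.
    pat = re.compile(r'(?:^|[\\/"\s])' + re.escape(WORM_FILE) + r'(?=$|["\s])', re.I)
    for key, name, data in run_key_values(reg_text):
        if pat.search(data):
            findings.append(f"Run value '{name}' -> {data} ({key})")
    return findings

# Constructed sample input (not captured from a real host).
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    0.0.0.0:8866           0.0.0.0:0              LISTENING       1812
  TCP    10.0.0.5:1043          192.0.2.10:8866        ESTABLISHED     400
"""
SAMPLE_REG = r"""HKEY_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    ExampleEntry    REG_SZ    C:\WINDOWS\system32\au.exe
    Tools    REG_SZ    "C:\tools\beau.exe" /min
"""
```

Calling `triage(SAMPLE_NETSTAT, SAMPLE_REG)` reports the 8866 listener and the `ExampleEntry` Run value; the outbound connection to a remote port 8866 and the `beau.exe` entry are not flagged.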
Copyright © 2005 Proland Software. All rights reserved