W32/Bagle.F

| Name | W32/Bagle.F |
| Aliases | W32/Bagle.F, bagle.F, bagle, beagle.F, beagle |
| Discovered on | 29th February, 2004 |

Virus Information - W32/Bagle.F:

W32/Bagle.F is a mass-mailing, memory-resident worm. It infects Windows systems and spreads through email.

The worm contains its own SMTP engine, which it uses to construct outgoing messages with a spoofed return address and send them to email addresses gathered from the infected system.

The subject and body of the infected mail are random. The mail carries an infected attachment with a random filename and any one of the following extensions:

.exe .scr .zip

The attached file has an icon similar to that of a Windows folder.

This worm spreads by dropping infected files in folders that have the text string 'shar' in their names.

Upon execution, the worm drops the following files in the Windows system folder:

go54o.exe
ii5nj4.exe
i1ru54n4.exe

The worm also alters the Windows registry at the following location to load itself during the next startup:

HKEY_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

The worm creates the mutex imain_mutex to ensure that only one instance of the worm is running in memory.
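
The host indicators described above (the three dropped file names, the Run key entry and the mutex) can be checked together on a suspect machine. The script below is an added example, not part of the original advisory; checking SysWOW64 as well as System32, and the HKLM Run key as well as each user hive under HKEY_USERS, are assumptions made here.

```powershell
# Added example: checks one Windows host for the W32/Bagle.F indicators listed above.
$droppedNames = 'go54o.exe', 'ii5nj4.exe', 'i1ru54n4.exe'
$mutexName    = 'imain_mutex'
$findings     = @()

# 1. Dropped files. Assumption: look in both System32 and SysWOW64, because a 32-bit
#    process writing to the system folder on 64-bit Windows is redirected to SysWOW64.
$systemDirs = @([Environment]::GetFolderPath('System'),
                [Environment]::GetFolderPath('SystemX86')) | Select-Object -Unique
foreach ($dir in $systemDirs) {
    foreach ($name in $droppedNames) {
        $path = Join-Path $dir $name
        if (Test-Path -LiteralPath $path -PathType Leaf) {
            $findings += [pscustomobject]@{ Indicator = 'File'; Detail = $path }
        }
    }
}

# 2. Run key values that launch one of the dropped files. Assumption: inspect the Run
#    key of every user hive loaded under HKEY_USERS, plus the machine-wide HKLM key.
$runSubKey = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$runKeys = @("Registry::HKEY_LOCAL_MACHINE\$runSubKey")
$runKeys += Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    ForEach-Object { "Registry::$($_.Name)\$runSubKey" }
foreach ($keyPath in $runKeys) {
    $key = Get-Item -LiteralPath $keyPath -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($valueName in $key.GetValueNames()) {
        $data = [string]$key.GetValue($valueName)
        if ($droppedNames | Where-Object { $data -like "*$_*" }) {
            $findings += [pscustomobject]@{ Indicator = 'RunKey'
                                            Detail    = "$keyPath : $valueName = $data" }
        }
    }
}

# 3. Mutex. A name without a prefix is resolved in the caller's own session namespace.
try {
    [System.Threading.Mutex]::OpenExisting($mutexName).Dispose()
    $findings += [pscustomobject]@{ Indicator = 'Mutex'; Detail = $mutexName }
} catch [System.Threading.WaitHandleCannotBeOpenedException] {
    # Mutex does not exist: no running instance visible from this session.
} catch [System.UnauthorizedAccessException] {
    # Mutex exists but its ACL denies access; it still counts as present.
    $findings += [pscustomobject]@{ Indicator = 'Mutex'; Detail = "$mutexName (access denied)" }
}

if ($findings) { $findings | Format-Table -AutoSize } else { 'No W32/Bagle.F indicators found.' }
```

Run it from an elevated prompt so that other users' hives under HKEY_USERS are readable. A file or Run key hit without a mutex hit points to a dormant or partly cleaned infection rather than a running instance.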
