PC Security Shield Virus Alert: I-Worm.Win32.Bagle.AJ
  • Also Known As
    		•  W32.Beagle.AR@mm [Symantec], WORM_BAGLE.AM [Trend], W32/Bagle.az@MM [McAfee] 
  • Type
    		•  I-Worm 
  • Systems Affected
    		•  Win32 
  • Resident in System Memory
    		•  No
  • Origin
    		•  others
  • Encryption
    		•  No
  • Discovered on
    		•  09/28/2007
  • How it spread
    		•  Network, Email
  • Infection symptoms
    		•  Changes registry, Sends email, Opens the specific port, Creates file
  • Specific date of infections
    		•   None
  • Destructivity/ Distribution Potential
    		•  ** / ***  
  • ViRobot version able to detect/repair
    		•  Able to detect/repair
    [ViRobot version: 09/30/2007]  

    Technical Description

    Summary

    W32.Beagle.AR@mm is a mass-mailing worm that uses its own SMTP engine to spread.

    The email attachment is a downloader, similar to the Mitglieder family of Trojans, that downloads the worm from an external source.

    The worm also contains backdoor functionality, opening TCP port 81 and UDP port 81 which allow the infected computer to be used as an email relay.


    Infection method

    Worm sends emails with its own SMTP engine, and searches for more email addresses that it can use to spread.

    How to repair:       [Repair by using The Shield AntiVirus 2008]


    The Shield Pro AntiVirus & Firewall 2007


    The Shield 2008 PRO Anti Virus