
Bagle Virus Gets Poetic

The variant continues the trend of using a randomly chosen name from a list of words for the subject of the message and for the attachment that contains the program. Additionally, the worm uses a graphic of three cherries, similar to a winning result on a slot machine, as the icon for the executable attachment.

The attachment also contains these four lines of text, which appear in all-capital letters:

Unique people make unique things
That things stay beyond the normal life and common understanding
The problem is that people don't understand such wild things,
Like a man did never understand the wild life.

It also turns off 278 processes associated with security programs.

In common with its predecessors, this latest Bagle arrives as an email with short texts in the subject and an attachment. If run, the attachment generates a dialog box with the message 'Can't find a viewer associated with the file'.

The worm harvests email addresses from the system and uses them to build the email messages in which it sends itself on. It also places copies of itself in any folders with 'shar' as part of the name, under filenames that might tempt peer-to-peer users into uploading it.

For the removal procedure, see: Removal of Beagle (Bagle) virus

Bagle in the news:

The latest variations of the Bagle virus add a new twist -- the virus carries a copy of its own source code.  Creating an open-source virus encourages more people to modify and publish virus software and that may help the author cover his tracks by making it harder to pinpoint the source of the infection.  July 2004, USA.

The latest variation of the Bagle virus attempts to download a file called ws.jpg, which may or may not be an infected JPEG file. Bagle.az (w32.bagle.az@mm, Bagle.am and Bagle.ar) spreads via e-mail and shared network files, harvesting e-mail addresses from infected machines and using its own SMTP engine to send copies of itself to those addresses. Bagle.az also attempts to terminate security apps, such as antivirus and firewall software, then opens a backdoor on port 81 on infected machines to allow remote access. Bagle.az arrives as e-mail with a fake return address. The subject line reads either Re: ; Re: Hello; Re: Thank you!; Re: Thanks :); or Re: Hi. The body text reads, simply, :) or :)) . The infected attachment is named either "price" or "joke" with one of the following file extensions: .exe, .scr, .com, or .cpl. Bagle.az adds the file bawindo.exe to the Windows system directory and creates other files. September 2004, USA.
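The mail-borne traits listed above (subject, body text, attachment name) can be checked at a mail gateway. The following is an added example, not part of the original alert: the function names are hypothetical, the rule "attachment name plus one other trait" is an assumed policy, and the sample messages are constructed.

```python
import email
from email import policy
from email.message import EmailMessage

# Indicators as listed in the Bagle.az description above (compared lower-cased).
SUBJECTS = {"re:", "re: hello", "re: thank you!", "re: thanks :)", "re: hi"}
BODIES = {":)", ":))"}
ATTACH_STEMS = {"price", "joke"}
ATTACH_EXTS = {".exe", ".scr", ".com", ".cpl"}

def bagle_az_indicators(raw: bytes) -> list:
    """Return which of the listed traits a raw RFC 5322 message shows."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    if str(msg["Subject"] or "").strip().lower() in SUBJECTS:
        hits.append("subject")
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and body.get_content().strip() in BODIES:
        hits.append("body")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        stem, dot, ext = name.rpartition(".")
        if stem in ATTACH_STEMS and dot + ext in ATTACH_EXTS:
            hits.append("attachment")
            break
    return hits

def is_suspect(raw: bytes) -> bool:
    # Assumed policy: the attachment name plus at least one other trait.
    hits = bagle_az_indicators(raw)
    return "attachment" in hits and len(hits) >= 2

def build_sample(subject, body, filename=None) -> bytes:
    """Construct a test message; addresses and payload are placeholders."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.com", "user@example.com"
    m["Subject"] = subject
    m.set_content(body)
    if filename:
        m.add_attachment(b"constructed placeholder, not malware",
                         maintype="application", subtype="octet-stream",
                         filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for args in [("Re: Thanks :)", ":))", "Joke.scr"),
                 ("Re: Hi", "See you at lunch.", None),
                 ("Quarterly numbers", "Attached.", "price.xlsx")]:
        raw = build_sample(*args)
        print(args, bagle_az_indicators(raw), is_suspect(raw))
```

The host-side traits from the same description (the listener on port 81 and bawindo.exe in the Windows system directory) are outside what a mail filter can see and need an endpoint check.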




 

Bagle Virus is Morphing

Bagle.X VIRUS alert - Computer Viruses

E-MAIL virus fills inboxes

NEW Variant Of Bagle Virus Spreading Fast

RED alert over worst internet virus

