PC Security Shield Virus Alert: I-Worm.Win32.Bagle.AJ
  • Also Known As
    		•  W32.Beagle.AR@mm [Symantec], WORM_BAGLE.AM [Trend], W32/Bagle.az@MM [McAfee] 
  • Type
    		•  I-Worm 
  • Systems Affected
    		•  Win32 
  • Resident in System Memory
    		•  No
  • Origin
    		•  others
  • Encryption
    		•  No
  • How it spread
    		•  Network, Email
  • Infection symptoms
    		•  Changes registry, Sends email, Opens the specific port, Creates file
  • Specific date of infections
    		•   None
  • Destructivity/ Distribution Potential
    		•  ** / ***  

    Technical Description

    Summary

    W32.Beagle.AR@mm is a mass-mailing worm that uses its own SMTP engine to spread.

    The email attachment is a downloader, similar to the Mitglieder family of Trojans, that downloads the worm from an external source.

    The worm also contains backdoor functionality, opening TCP port 81 and UDP port 81 which allow the infected computer to be used as an email relay.


    Infection method

    Worm sends emails with its own SMTP engine, and searches for more email addresses that it can use to spread.

    How to repair:       [Repair by using The Shield AntiVirus 2011]


    The Shield Deluxe AntiVirus & Firewall 2008


    Security Shield 2011 - Total Internet Security