SECURITY INFO
Latest Threats
Spyware
Spam
Phishing
Hoaxes
PandaLabs
Virus map
Panda Virusometer
TRAINING
General concepts
Technical details
Virus FAQs
Practical tips
DOWNLOADS
Repair utilities
Does my antivirus work?
ActiveScan Pro
Free Antivirus
HOME
What is VirusPortal?
Newsletters
HOME SECURITY INFO TRAINING DOWNLOADS WEBMASTERS
Security Info / Virus encyclopedia / At a glance
Find:    in:  
 

 Bagle.D
Threat Level:  Moderate
Distribution:  Medium
Damage: High
The Threat Level varies according to the Distribution and Damage levels
 
 Common name: Bagle.D
 Technical name: W32/Bagle.D.worm
 Threat Level: Low
 Type: Worm
 Effects:  

It creates a backdoor that opens TCP port 2745 and notifies its author that the affected computer is reachable through it. It stops functioning after March 14, 2004.

 Systems affected:  Windows 2003/XP/2000/NT/ME/98/95
 Detection updated on: April 15, 2004
 In circulation? No
  
Panda QuickRemover
  Brief Description
 

Bagle.D is a worm that spreads via e-mail in a message with variable characteristics, and an attached file that has the same icon as an Excel spreadsheet.

Bagle.D contains a backdoor, which opens the TCP port 2745. It attempts to connect to several web pages that host a PHP script. By doing this, Bagle.D notifies its author that the affected computer can be accessed through the port mentioned above.

In addition, Bagle.D ends the processes belonging to several antivirus update applications.

This worm only runs if the system date is March 14, 2004 or previous. After this date, Bagle.D stops functioning.

[ top ]  

  Visible Symptoms
 

Bagle.D is easy to recognize once it has affected the computer, as it opens Notepad the first time it is run.

In addition, it reaches the computer in an attached file that has the same icon as an Excel spreadsheet.



[ top ]  
Last updated:  April 15, 2004 

 

  © Panda 2009 | Free Antivirus | Make this your home page | Bookmark this page | Send page | Contact us | Legal notice | Privacy Policy