Active Scan. Scan your PC free
Download Cloud Antivirus Gratis

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.


Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Bagle.J
Technical name:W32/Bagle.J.worm
Threat level:Low

It creates a backdoor that opens TCP port 2745 and notifies its author that the affected computer is reachable through it. It stops functioning after March 25, 2005.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:March 3, 2004
Detection updated on:March 6, 2006
Proactive protection:
Yes, using TruPrevent Technologies

Brief Description 


Bagle.J is a worm that spreads via e-mail in a message with variable characteristics and through peer-to-peer (P2P) file sharing programs.

Bagle.J contains a backdoor, which opens the TCP port 2745. It attempts to connect to several web pages that host a PHP script. By doing this, Bagle.J notifies its author that the affected computer can be accessed through the port mentioned above.

In addition, Bagle.J ends the processes belonging to several antivirus update applications.

This worm only runs if the system date is March 25, 2005 or previous. After this date, Bagle.J stops functioning.

Visible Symptoms 


Bagle.J is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.