You're in: Panda Security > Home Users > security-info > overview
Active Scan. Scan your PC free
Download Cloud Antivirus Gratis

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Bagle.N

 
Threat LevelSevere threatDamageSevereDistributionModerately widespread
Common name:Bagle.N
Technical name:W32/Bagle.N.worm
Threat level:Severe
Type:Worm
Effects:  It infects PE files, creates a backdoor that opens TCP port 2556 and ends processes belonging to security applications. It stops functioning after December 31, 2005.

Affected platforms:

Windows XP/2000/NT/ME/98/95

First detected on:March 13, 2004
Detection updated on:June 23, 2009
StatisticsNo
Proactive protection:
Yes, using TruPrevent Technologies
Repair utility: Panda QuickRemover
Family:Mylife

Brief Description 

    

Bagle.N is a virus that has worm characteristics. Bagle.N infects PE files, increasing their size by 21 KBytes.

Bagle.N spreads via e-mail in a message with variable characteristics, and an attached file with the same icon as True Type fonts. It can also spread through peer-to-peer (P2P) file sharing programs.

Bagle.N contains a backdoor, which opens the TCP port 2556.

In addition, Bagle.N ends the processes belonging to several antivirus programs, firewalls and system monitoring tools. It also ends the processes belonging to previous variants of the worms Bagle and Netsky.

This worm only runs if the system date is December 31, 2005 or previous. After this date, Bagle.N stops functioning.

Visible Symptoms 

    

Bagle.N is easy to recognize, as it reaches the computer in an e-mail message with an attached file that has the same icon as a True Type font: