Encyclopedia

Bagle.AB
Threat LevelDamageDistribution

At a glance Tech details | Solution


Common name:	Bagle.AB
Technical name:	W32/Bagle.AB.worm
Threat level:	High
Type:	Worm
Effects:	It notifies its author that the computer has been affected. It ends processes belonging to several security programs and to several worms.
Affected platforms:	Windows 2003/XP/2000/NT/ME/98/95
First detected on:	April 28, 2004
Detection updated on:	Aug. 11, 2009
Statistics	No
Proactive protection:	Yes, using TruPrevent Technologies
Family:	Mylife

Brief Description

Bagle.AB is a worm that spreads via e-mail in a message with variable characteristics and through P2P file sharing programs.

Bagle.AB ends processes belonging to antivirus and firewalls programs, among other security applications, as well as to several worms.

In addition, it attempts to connect to several websites that host a PHP script through the port 2535. By doing so, Bagle.AB notifies its author that the computer has been affected.

Visible Symptoms

Bagle.AB is easy to recognize, as it displays the following fake error message once it has affected the computer:

Last updated: 11/08/2009

Virus News

3/10/09.-More than 10 Million Worldwide Were Actively Exposed to Identity Theft in 2008

3/5/09.-Cyber-crooks manipulate Internet searches to sell fake antivirus products

3/2/09.-VideoPlay adware infections grew 400% in February through malicious use of Web 2.0 pages

[+ Noticias]

Web Map | Contact Panda Security