Welcome to the Virus Encyclopedia of Panda Security.
It disables processes belonging to several security tools and has rootkit functionalities, which allow it to hide files, processes and Windows Registry entries. It spreads via email.
|First detected on:||June 22, 2006|
|Detection updated on:||June 30, 2006|
|Yes, using TruPrevent Technologies
Bagle.JQ is a worm that has rootkit functionalities, which allow it to hide files, processes and Windows Registry entries.
It attempts to disable processes belonging to several security tools, such as antivirus programs and firewalls, among others.
Bagle.JQ spreads via email in a message with two files attached. One of them with a ZIP extension, and the other with a GIF extension.
Bagle.JQ is easy to recognize, as it shows the following symptoms:
- It reaches the computer in an email message with the following characteristics:
- Message: it consists of one of the following texts and a password:
I love you
To the beloved
- Attachments: it has two attached files, one with a ZIP extension and the other with a GIF extension.
- When it is run, the following error image is displayed on the screen: