Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
26 entries found. Displaying page 1 of 2.
Updated on Feb 15, 2005
Win32/Bagle is a family of mass-mailing worms that targets certain versions of Microsoft Windows. The worm spreads primarily through e-mail, though some variants also spread through peer-to-peer networks. The worm acts as a backdoor Trojan, allowing an attacker to access a computer that it has infected. The backdoor can be used to distribute other malicious software. Some variants of Win32/Bagle infect executable files.
Alert level: high
Updated on Dec 08, 2006
Alert level: severe
Updated on Jan 25, 2007
Win32/Bagle.BA@mm is a mass-mailing worm. The worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it finds on the host computer. Win32/Bagle.BA@mm also spreads by copying itself to folders containing the string 'shar' in the folder name.
Alert level: severe
Updated on May 22, 2008
Win32/Baglezip is the ZIP archive that may be used by the greater Win32/Bagle family when spreading. Win32/Bagle is a family of mass-mailing worms. The worm spreads primarily through e-mail, though some variants also spread through peer-to-peer file sharing networks. The worm may also act as a backdoor, allowing an attacker access and control of a compromised computer.
Alert level: severe
Updated on Jun 21, 2006
Win32/Bagle.EG@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is sent in a password protected zip file along with the password for the user to unzip the file.  The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Jan 18, 2007
Win32/Bagle.BA@mm!CME-477 is a mass-mailing worm. The worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it finds on the host computer. Win32/Bagle.BA@mm!CME-477 also spreads by copying itself to folders containing the string 'shar' in the folder name.
Alert level: severe
Updated on Feb 06, 2007
Worm:Win32/Bagle.ZD@mm is a mass-mailing e-mail worm that attempts to download and run arbitrary files from remote Web sites. Worm:Win32/Bagle.ZD@mm collects e-mail address from the local drive and also obtains e-mail addresses by checking Web site URLs included in the worm's code. The worm attempts to terminate the Windows Automatic Update service and modifies the System Registry in an attempt to disable booting into Safe Mode.
Alert level: severe
Updated on Apr 25, 2008
Worm:Win32/Bagle.gen!C is the generic detection for a member of the Worm:Win32/Bagle family. It is a mass-mailer that sends out copies of itself as an attachment. It terminates and disables processes, most of which are associated with security programs.
Alert level: severe
Updated on Jan 07, 2010
TrojanDownloader:Win32/Bagle.gen!A is the generic detection for trojans that download worms from the Win32/Bagle family. They are usually distributed as attachments of spammed e-mail messages. They may also change certain system settings.
Alert level: severe
Updated on Dec 08, 2006
Alert level: severe
Updated on Nov 15, 2007
Trojan:WinNT/Bagle.gen is generic detection for variants of WinNT/Bagle, a component of the greater Win32/Bagle multi-component family of malware. WinNT/Bagle provides advanced stealth functionality and anti-removal measures for this family.
Alert level: severe
Updated on Apr 22, 2008
Worm:HTML/Bagle!mail is a generic detection for HTML format e-mail messages used by Worm:Win32/Bagle when spreading via e-mail.
Alert level: severe
Updated on Mar 23, 2007
Alert level: severe
Updated on Feb 23, 2005
Win32/Bagle.AX@mm is a mass-mailing worm that creates and runs the worm Win32/Bagle.AS@mm.
Alert level: severe
Updated on Feb 23, 2005
Win32/Bagle.BD@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Dec 08, 2006
Alert level: severe
Updated on Dec 08, 2006
Alert level: severe
Updated on Dec 08, 2006
Alert level: severe
Updated on Dec 08, 2006
Alert level: severe
Updated on Nov 16, 2007
Windows Defender Antivirus detects and removes this threat.
 
This file infector targets files with extensions .SCR or .EXE. This virus can run a damaging payload that deletes files with certain extensions or beginning with specific strings.
Alert level: severe