Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Three new variants of the Bagle worm detected - 03/ 18/04]

Mar 17, 2004 11:51PM PST

Virus Alerts, by Panda Software (http://www.pandasoftware.com)

Madrid, March 18, 2004 - Over the last few hours, PandaLabs has detected the
appearance of the new Q, R and S variants of the Bagle worm.

The most dangerous of the three is variant Q and, according to data
collected by PandaLabs, it has started spreading very rapidly.

Bagle.Q spreads via e-mail in a message with extremely variable
characteristics. This e-mail, however, does not include an attached file
carrying the worm. Instead, the message includes HTML code which is used to
download the file carrying this malicious code to the affected computer from
the Internet through TCP port 81.

Once it reaches a computer, Bagle.Q sends itself out to all the e-mail
addresses it finds in certain files stored on the infected computer. It does
this using its own SMTP engine. The main danger of Bagle.Q, however, is that
it acts like a virus, as it infects PE (portable-executable) files. This
worm also ends the processes of several antivirus and security applications.

The R and S variants do not seem to be spreading as rapidly.

Due to the risk of being infected by these worms, Panda Software advises
users to treat all e-mails received with caution and to keep their antivirus
software updated. The company has already made the updates to its products
available to its clients to ensure their solutions can detect and eliminate
these three new variants of Bagle.

Similarly, users can also detect and disinfect these and other malicious
code using the free, online antivirus, Panda ActiveScan, which is also
available on the company's website at http://www.pandasoftware.com

More information on the Bagle.Q, Bagle.R and Bagle.S from Panda Software's
Virus Encyclopedia at http://www.pandasoftware.com/virus_info/encyclopedia/

Discussion is locked