Name:
Bagle.V worm
Also known as:
W32/Bagle.V@MM, W32/Beagle.V@MM, WORM_BAGLE.V
Type:
Mass-mailing email worm
Discovered:
March 29, 2004
Email characteristics:
Bagle.V emails have an empty subject line, no message body, and carry an attached file named game.exe. The sender's address is spoofed.
System impact:
Bagle.V drops a copy of itself to the Windows System directory as sysinfo.exe and modifies the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
adding the value:
"sysinfo.exe" = %sysdir%\sysinfo.exe
where %sysdir% represents the path to the user's Windows System directory.
Bagle.V also adds the following registry key:
HKEY_CURRENT_USER\Software\Windows2005
Bagle.V opens TCP port 4751 and sends notice to the worm's author.
Manual removal:
Use the Windows Task Manager to shut down the sysinfo process. Delete the registry modifications described above. Delete sysinfo.exe.
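
The indicators described above can be checked on a live Windows host. The following read-only PowerShell check is an added example, not part of the original write-up; the function name is this example's own, and it assumes PowerShell 4 or later with Get-NetTCPConnection available (Windows 8 / Server 2012 or newer).

```powershell
# Added example: read-only check for the Bagle.V indicators described on this page.
# Test-BagleVIndicators is this example's own name. Run it as the affected user,
# because the registry indicators live under HKEY_CURRENT_USER.
function Test-BagleVIndicators {
    $findings = @()

    # Run value "sysinfo.exe" under the current user's Run key
    $runKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    $run = Get-ItemProperty -Path $runKey -Name 'sysinfo.exe' -ErrorAction SilentlyContinue
    if ($run) {
        $findings += [pscustomobject]@{ Indicator = 'Run value'; Detail = $run.'sysinfo.exe' }
    }

    # Registry key added by the worm, as listed on the page
    $markerKey = 'HKCU:\Software\Windows2005'
    if (Test-Path -LiteralPath $markerKey) {
        $findings += [pscustomobject]@{ Indicator = 'Registry key'; Detail = $markerKey }
    }

    # Dropped copy in the System directory. On 64-bit Windows a 32-bit process
    # writing to the System directory is redirected to SysWOW64, so check both.
    $dirs = @([Environment]::GetFolderPath('System'),
              [Environment]::GetFolderPath('SystemX86')) | Select-Object -Unique
    foreach ($dir in $dirs) {
        $path = Join-Path $dir 'sysinfo.exe'
        if (Test-Path -LiteralPath $path -PathType Leaf) {
            $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
            $findings += [pscustomobject]@{ Indicator = 'Dropped file'; Detail = "$path SHA256=$hash" }
        }
    }

    # Listener on TCP port 4751, with the owning process for triage
    $listeners = Get-NetTCPConnection -State Listen -LocalPort 4751 -ErrorAction SilentlyContinue
    foreach ($l in $listeners) {
        $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
        $findings += [pscustomobject]@{
            Indicator = 'TCP listener'
            Detail    = "$($l.LocalAddress):4751 PID=$($l.OwningProcess) ($($proc.ProcessName))"
        }
    }

    return $findings
}

$result = Test-BagleVIndicators
if ($result) { $result | Format-Table -AutoSize -Wrap } else { 'No Bagle.V indicators from this page were found.' }
```

A single match, such as a file named sysinfo.exe alone, is weak evidence; the Run value, the dropped file and the port 4751 listener appearing together is what matches the behaviour described here.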