        
Bagle.AZ Worm

Information about Bagle.az Worm:

The Bagle.az worm spreads via e-mail and file-sharing networks on the Windows platform. It collects e-mail addresses stored in .xml, .xls, .wsh, .wab, .uin, .txt, .tbb, .stm, .shtm, .sht, .pl, .php, .oft, .ods, .nch, .msg, .mmf, .mht, .mdx, .mbx, .jsp, .htm, .eml, .dhtm, .dbx, .cgi, .cfg, .asp, and .adb files and uses them to send infected messages. The worm randomly chooses the message body, subject and attachment name.

When the infected attachment is executed, the worm copies itself to the Windows system folder as "sysformat.exe". The worm also creates a new entry under the registry Run key so that it loads automatically. The registry modification is given below.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
sysformat = C:\%SYSTEM%\sysformat.exe

The Bagle.az worm searches drives C to Z and drops infected copies of itself in file-sharing folders. This worm appeared on January 26th, 2004.

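A triage check for the persistence indicators above, added here as an example (not code from Fire or Prognet): it parses saved `reg query` output for the Run key and flags the `sysformat` value name or a `sysformat.exe` target. The sample registry text, including the `Disk Helper` entry and the `C:\WINDOWS\system32` path, is constructed for illustration.

```python
import ntpath
import re

# Indicators from the write-up above: Run value name and dropped file name.
RUN_VALUE_NAME = "sysformat"
DROPPED_FILE = "sysformat.exe"

# `reg query` prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")

# Constructed sample of `reg query` output (not taken from a real host).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    sysformat    REG_SZ    C:\WINDOWS\system32\sysformat.exe
    Disk Helper    REG_SZ    "C:\WINDOWS\system32\SysFormat.exe" /s
"""

def executable_of(data):
    """Return the program path of a Run value, without quotes or arguments."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(?i)(.+?\.exe)\b", data)  # unquoted: cut after first ".exe"
    return m.group(1) if m else data

def find_bagle_az_run_entries(reg_query_output):
    """Return (key, name, data, reason) for Run values matching the indicators."""
    hits, key = [], None
    for line in reg_query_output.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip()
            continue
        m = VALUE_LINE.match(line)
        if not m:
            continue
        name, data = m["name"].strip(), m["data"].strip()
        reasons = []
        if name.lower() == RUN_VALUE_NAME:
            reasons.append("value name")
        if ntpath.basename(executable_of(data)).lower() == DROPPED_FILE:
            reasons.append("file name")
        if reasons:
            hits.append((key, name, data, " + ".join(reasons)))
    return hits

if __name__ == "__main__":
    for hit in find_bagle_az_run_entries(SAMPLE):
        print(hit)
```

Matching on the target file name as well as the value name catches an entry whose value name differs but still points at `sysformat.exe`.
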
Removing Bagle.az worm from your computer:

Fire has incorporated the Bagle.az worm in its signature file to protect Fire users from this worm attack. Fire anti-virus users can update this signature file by using the online update facility. It is available with the registered version of the Fire anti-virus Kit.

A free download of the FireLite [ 1100 KB ] version is also available to detect Mydoom Worm. If you find this worm, use the registered version of Fire to remove it. To get the registered version of Fire, call us at 044-28170440 or mail service@fireav.com.

[Analysis: Mr. Jacob Kalis, Prognet Technologies Pvt. Ltd, Jan. 2005]
