Panda Virus Alert - Bagel.A.Worm Alert Release #2

Panda Software warns of the danger of the Bagle.A worm - This malicious code, designed to spread rapidly via e-mail, is causing an increasing number of incidents around the globe - Panda Software offers all users its free PQREMOVE application, which detects and eliminates Bagle.A from affected computers Glendale, CA - January 19, 2004 - According to data collected by Panda Software's international technical support network, the new Bagle.A (W32/Bagle.A.worm) worm is causing an increasing number of incidents in users’ computers around the globe. For this reason, Panda Software offers all users its free PQREMOVE application, designed to effectively clean any computer affected by Bagle.A. This tool can be downloaded from the following address: http://www.pandasoftware.com/download/utilities/. Bagle.A is a worm that is designed to spread rapidly via e-mail. The e-mail carrying this malicious code has the subject: Hi, and the message body contains the following text: Test =), (a series of random characters). -- Test, yep. The name of the file attached to the message, which actually contains the worm's code, consists of a series of random characters, but always has an .EXE extension. This file is 15,872 bytes in size. The aim of Bagle.A is to spread rapidly by creating copies of itself in an effort to cause computer networks to crash. However, this worm does not have any other destructive effects. Once it has been installed on a computer, Bagle.A looks for e-mail addresses to send to. It looks for these addresses in the files with WAB, HTM, HTML and TXT extensions stored on the affected computer. Once it has done this, the worm sends itself out to the addresses it has found using its own SMTP engine. Due to the possibility of being infected by Bagle.A, Panda Software advises users to treat all e-mails received with caution, and to update their antivirus solutions immediately. The company has already made the updates to its products available to its clients to ensure their solutions can detect and eliminate Bagle.A. Those whose software is not configured to update automatically, should update their solutions from http://www.pandasoftware.com/. Users can also detect this and other malicious code using the free, online antivirus, Panda ActiveScan, which is available on the company’s website at http://www.pandasoftware.com/. More detailed information on Bagle.A from Panda Software’s Virus Encyclopedia. About PandaLabs On receiving a possibly infected file, Panda Software's technical staff get straight down to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users. For more information: Alan Wallace