W32/Bagle.gen!Sality

Type: Virus
SubType: Generic
Discovery Date: 02/17/2006
Length:
Minimum DAT: 4700 (02/17/2006)
Updated DAT: 4710 (03/03/2006)
Minimum Engine: 5.1.00
Description Added: 02/17/2006
Description Modified: 02/28/2006 8:10 PM (PT)
Risk Assessment (Corporate User): Low
Risk Assessment (Home User): Low

Characteristics

This is a generic detection of files that are infected with both W32/Bagle.gen and W32/Sality. W32/Bagle is a mass-mailing worm, while W32/Sality is a parasitic file-infecting virus. Most of these Sality infections are not viable; however, this does not prevent the Bagle worm from functioning.

This covers several different variants of W32/Bagle, such as:

W32/Bagle.ds@MM: http://vil.nai.com/vil/content/v_138501.htm
W32/Bagle.dt@MM: http://vil.nai.com/vil/content/v_138528.htm
W32/Bagle.du@MM: http://vil.nai.com/vil/content/v_138576.htm
W32/Bagle.dx@MM: http://vil.nai.com/vil/content/v_138752.htm

Symptoms

Varies

Method of Infection

This spreads through email and peer-to-peer file-sharing networks.

Removal

All Users:
Use current engine and DAT files for detection. Delete any file which contains this detection.

Variants

    N/A

Overview

This is a virus detection. Viruses are programs that self-replicate recursively, meaning that infected systems spread the virus to other systems, which then propagate the virus further. While many viruses contain a destructive payload, it's quite common for viruses to do nothing more than spread from one system to another.
