Protector Plus: Anti virus software for Windows (XP, 2000, 2003, NT, Me, 98, 95), Exchange, NetWare
W32/Bagle.AE Trojan
Information about the W32/Bagle.AE Trojan:
W32/Bagle.AE is a trojan that infects Windows systems.
This trojan is either downloaded from the Internet or dropped by other malware applications.
Upon execution, the trojan resides in memory and also copies itself to the Windows System folder as hldrrr.exe.
The trojan modifies the registry at the following locations to load itself at each startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
It also creates the following registry key as a part of its installation routine:
HKEY_CURRENT_USER\Software\FirstRRRun
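A triage check for the persistence indicators listed above, added here as an example and not part of the vendor's write-up: it scans saved `reg query` output for a Run value that points at hldrrr.exe and for the FirstRRRun key. The sample output and the value name `hldrrr` in it are constructed; the page does not give the value name.

```python
import re

# Indicators taken from the description above (keys compared in lower case).
RUN_KEYS = {
    r"hkey_local_machine\software\microsoft\windows\currentversion\run",
    r"hkey_current_user\software\microsoft\windows\currentversion\run",
}
MARKER_KEY = r"hkey_current_user\software\firstrrrun"
DROPPED_FILE = "hldrrr.exe"
# A value line in `reg query` output: indent, value name, REG_* type, data.
VALUE_RE = re.compile(r"^\s+(?P<name>.+?)\s{2,}(?P<type>REG_\w+)\s{2,}(?P<data>.*)$")
# The file name must be a whole path component, so "nothldrrr.exe" is ignored.
FILE_RE = re.compile(r'(^|[\\/"\s])' + re.escape(DROPPED_FILE) + r'($|["\s])', re.IGNORECASE)

def find_indicators(reg_query_text):
    """Return (indicator, key, detail) tuples found in saved `reg query` output."""
    findings, current_key = [], None
    for line in reg_query_text.splitlines():
        if line.upper().startswith("HKEY_"):      # key lines are not indented
            current_key = line.strip()
            low = current_key.lower()
            if low == MARKER_KEY or low.startswith(MARKER_KEY + "\\"):
                findings.append(("marker_key", current_key, ""))
            continue
        m = VALUE_RE.match(line)
        if m and current_key and current_key.lower() in RUN_KEYS:
            if FILE_RE.search(m["data"]):
                findings.append(("run_value", current_key, f"{m['name']} -> {m['data']}"))
    return findings

# Constructed sample, shaped like the output of `reg query <key>`.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    hldrrr    REG_SZ    C:\WINDOWS\system32\hldrrr.exe

HKEY_CURRENT_USER\Software\FirstRRRun
"""

if __name__ == "__main__":
    for finding in find_indicators(SAMPLE):
        print(finding)
```

The check matches on the value's data rather than its name, because the description only fixes the file name and the key locations.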
The trojan attempts to connect to a number of remote websites to download some files (possibly malicious files), requesting the path /mul.php on each host.
This trojan first appeared on July 31, 2006.
Other names of W32/Bagle.AE Trojan:
This trojan is also known as TROJ_BAGLE.AE.