%SysDir%\au.exe

I-Worm.Bagle.b
This worm spreads via the Internet as attachments to infected emails.

The infected messages have the following characteristics:

Header:
ID x... thanks
with x being a string of random characters.

Body:
Yours ID x
--
Thank
with x being a string of random characters.

Attachment:
The attachment has a random name, with a file size of 11KB.

The worm copies itself to the Windows system directory under the name 'au.exe'.
Adds the value: "au.exe" = "%system%\au.exe"
to registry key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Also creates the following registry key:
[HKCU\SOFTWARE\Windows2000] and saves its variables there.
The worm attempts to connect to remote sites, all of which are in some way connected with the Trojan proxy server TrojanProxy.Win32.Mitglieder
Send itself to all email addresses found in files on disks.

: : Recent posts at Forums : :

Problems with Audio

Problems After Installing SP3

Audio problem after reloading

please help. TROJAN GENERIC

Transfering Flash Video to .mpeg

Full install of XP .... NOW NO SOUND

Downgrading from sp3 back to sp2

Looking for File Conversion SoftWare

Outlook.exe process doesn't close

Windows Live Mail Errors

nVidia graphics card error

Links to web pages work hit and miss

Installed new memory, now no sound...

Mount disc with volume data

Laptop Keyboard Problems

Hotkey KeyBoard

multimedia audio controller driver

Missing drivers. Video Controller (VGA Compatible)

sata problem? cant find my WD10EACS 1terabyte drive

sound drivers Intel(R) 82801BA/BAM AC'97 Audio Controller

help help...

how do i remove disc drive

How to generate Paypal integration with Rails?

HELP - Internet sharing.

No Audio Device / No Playback Device "Grayed-out"

Multimedia Audio Controller Problems

Need Driver for Multimedia Unimodem Half-Duplex Audio Device

Excessive hard disk activity

deleting MFX.sys

Need Help DualBooting XP and Vista