March 1, 2005 (HOSTSEARCH.COM) McAfee announced today that the Bagle Trojan has been modified and is spreading via email at a rapid rate with McAfee having received more than 100 distinct reports of the virus.
The virus is a particular threat to McAfee itself as it seeks to disable McAfees anti-virus software as well as Symantecs Norton and the free AVG anti-virus software.
McAfee described the Trojan like this, Bagle.dldr installs a file named wiwshost.exe and tries to download a file zo2.jpg from various Web sites. It also terminates security services and in some cases renames the main security program executable. Bagle.dldr modifies the file %WinDir% \system32\drivers\etc\hosts to prevent the user and any running software from contacting certain security Websites. The Trojan also disables any configured HTTP proxy.