  W32/Bagle.af@MM is a trojan that is Circulate from email attachments. This is a mass-mailing worm with the following characteristics: *-contains its own SMTP engine to construct outgoing messages *-harvests email addresses from the victim machine *-the From: address of messages is spoofed *-attachment can be a password-protected zip file, with the password included in the message body.
*-contains a remote access component (notification is sent to hacker) *-copies itself to folders that have the phrase shar in the name (such as common peer-to-peer applications; KaZaa, Bearshare, Limewire, etc) *-uses various mutex names selected from those W32/Netsky variants have used, in order to prevent those *-W32/Netsky variants running on infected machines *-terminates processes of security programs and other worms *-deletes registry entries of security programs and other worms . From : (address is spoofed) Attachment names are chosen from the following list: Information-Details-text_document-Updates-Readme-Document-Info-Details-Message. Subject : Re: Msg reply-Re: Hello -Re: Yahoo! -Re: Thank you! -Re: Thanks :) -RE: Text message -Re: Document Incoming message -Re: Incoming Message -RE: Incoming Msg -RE: Message Notify -Notification -Changes.. Update -Fax Message -Protected message -RE: Protected message -Forum notify -Site changes -Re: Hi Encrypted document for more information u can urlLink visit virus information in macafee site . 
