1. Symantec/
  2. Security Response/
  3. Trojan.Tooso.H


Risk Level 2: Low

April 16, 2005
February 13, 2007 12:37:13 PM
Also Known As:
Win32.Glieder.{W, Y} [Computer Associates], Email-Worm.Win32.Bagle.{bj, bk} [Kaspersky Lab], W32/Bagle.dll.gen [McAfee], W32/Bagle.gen@MM [McAfee], W32/Bagle.bs.{dr, gen} [McAfee], Troj/BagDl-Gen [Sophos], Troj/BagleDl-N [Sophos], TROJ_BAGLE.BH [Trend Micro]
Trojan Horse
Systems Affected:

Trojan.Tooso.H is a Trojan horse that interferes with the operation of security software by terminating processes, stopping services, removing registry entries, and deleting files.

Trojan.Tooso.H attempts to download a copy of Trojan.Tooso.F.

This Trojan may arrive in an email with a .zip file attachment. The file inside the attachment may be 1.exe.

Reinstalling Services
You may also wish to re-enable services that were disabled by the threat. In the services window (in "Control Panel" for Windows 9x and in "Control Panel\Administrative Tools" for Windows 2000 and Windows XP), find the services that have been disabled, double click on them, and reset the "startup type" value from the drop down menu.

Antivirus Protection Dates

  • Initial Rapid Release version April 16, 2005
  • Latest Rapid Release version August 8, 2016 revision 023
  • Initial Daily Certified version April 16, 2005
  • Latest Daily Certified version August 9, 2016 revision 001
  • Initial Weekly Certified release date April 16, 2005
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: John Park

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube