Search Solo Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info SRN Micro Privacy Statement

 


BUGBEAR WORM SPREADS IN THE WILD

Virus Name  : W32.Bugbear@mm

Alias             : I-Worm.Bugbear, W32/Bugbear-A, WORM_BUGBEAR.A, Tanatos

Virus type    : Internet worm

Threat level : Medium

Virus details :

                     BugBear is an Internet worm, uses e-mail addresses stored in Windows Address book and network shares. It also collects addresses from .dbx, .mbx, .eml, and .ocs files to distribute infected messages. The worm randomly chooses the message body and subject. This worm is also known as I-Worm/Bugbear, I-Worm.Tanatos.a, W32/Bugbear@mm, Tanatos, W32.Bugbear@MM, WORM_BUGBEAR.A.

                     When the infected attachment is executed, the worm copies itself to Windows system folder as a four digit file name. It copies to the startup folder to load on the next startup automatically. The worm also creates new key in the registry in the RunOnce section. The registry modification is given below.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

                     Bugbear uses IFRAME vulnerability to infect. When the user views the e-mail the embedded code is executed automatically and it drops the virus. Microsoft released security patches to close this security hole. If you haven't installed, you can get a copy at http://www.microsoft.com/windows/ie/download/critical/Q290108/default.asp

                     Bugbear uses its own SMTP to mail infected messages. It will try to terminate antivirus and security programs in the infected system. The worm has backdoor abilities, so the infected machine is vulnerable to hacker attacks.

How can I protect my system?

                   Solo has incorporated W32.Bugbear@mm in its signature file to protect users from this worm attack. Solo antivirus registered users are already protected from this worm. Make sure that you have installed registered version of Solo Antivirus to protect your system from all virus threats.

How to remove this worm?

                   If you are already infected with this worm, download and install security patches from the link http://www.microsoft.com/windows/ie/download/critical/Q290108/default.asp according to your Internet Explorer version. Then run Solo anti-virus to remove the worm components.

                   Solo antivirus can detect and remove W32.Bugbear@mm safely. Use the following link to Download 30 day trial version of Solo antivirus to remove viruses from your computer.

                   Solo anti-virus not only scans for all viruses, it contains a unique System Integrity Checker to protect you from New Internet Worms, Backdoors and malicious VB, Java Scripts. It also effectively removes all existing Internet Worms, File viruses, malicious VB, Java scripts, Trojans, Backdoors, boot sector, partition table and macro viruses.

You can purchase Solo antivirus using the link