VARIANT SPREADS IN THE WILD
Virus Name : W32.Bugbear.B@mm
Alias : I-Worm.Bugbear.B, W32/Bugbear-B,
Virus type : Internet
level : Medium
BugBear.b is a new variant of Bugbear
worm, uses e-mail
addresses stored in Windows address book and network shares to spread.
It collects addresses from .dbx, .mbx, .eml, and
.ocs files to
distribute infected messages. The worm randomly
chooses the message body and subject. This variant infects local
files in the hard disk. Solo antivirus can detect and clean
the infected files safely.
Bugbear.b uses IFRAME
vulnerability to infect windows based systems. When the user views the e-mail, the
embedded code is executed automatically and it
drops the virus. Microsoft released security
patches to close this security hole. If you have not installed, you can get a copy at http://www.microsoft.com/windows/ie/download/critical/Q290108/default.asp
When the infected
attachment is executed, it copies to the startup folder to load on
the next startup automatically. Then searches for EXE files in
the hard disk and infects the targeted applications in Program
files folder and Windows folder.
Bugbear.b will infect the following files in the Windows folder:
It will infect the following files in the Program Files folder:
Windows Media Player\mplayer2.exe
Bugbear uses its own SMTP
to mail infected messages. It will try to
terminate antivirus and security programs in the
infected system. Bugbear.b worm drops a key logging component in Windows system folder. The worm
has backdoor abilities. So the infected machine
is vulnerable to hacker attacks.
Bugbear.b worm contains a bulk list of
bank domains. If a bank domain e-mail id found, it enables the
auto dial feature in the registry of the infected system. It can be used to
How can I protect my
Solo has incorporated W32.Bugbear.B@mm in its signature file to protect
users from this worm attack. Solo antivirus
registered users are already protected from this
worm. Make sure that you have installed
registered version of Solo Antivirus to protect
your system from all virus threats.
recommend all users to install the latest
version of Internet Explorer 6.0 to protect your system from
IFRAME and other security holes.
to remove this worm?
If you are already
infected with this worm, download and install
security patches from the link http://www.microsoft.com/windows/ie/download/critical/Q290108/default.asp according to your
Internet Explorer version. Then run Solo
anti-virus to remove the worm components.
antivirus can detect and remove W32.Bugbear.B@mm
safely. Use the following link to Download
30 day trial version of Solo antivirus
remove viruses from your computer.
Solo anti-virus not only
scans for all viruses, it contains a unique System
Integrity Checker to protect you from
New Internet Worms, Backdoors and
malicious VB, Java Scripts. It also
effectively removes all existing Internet Worms,
File viruses, malicious VB, Java scripts,
Trojans, Backdoors, boot sector, partition table
and macro viruses.
purchase Solo antivirus using the link