WORM_BUGBROS.A is a non-destructive mass-mailing worm that propagates via Microsoft Outlook, and arrives as an email attachment with a random file name. It sends a copy of itself to firstname.lastname@example.org and all contacts listed in the infected user's Outlook address book. This worm runs on Windows 95, 98, ME, NT, 2000, and XP. This mass-mailing worm arrives in an email with the following: Subject: LiveUpdate Informations Message Body: Hi, I have send you the needed informations for the new worm-backdoor discovered. The Backdoor is called W32.Bug.Gear.A You can run the attachment to avoide getting hacked by closing the backdoor. Bye Attachment: <random file name> Upon execution, this worm drops a copy of itself in the C:\Windows\System32 folder. The name of the dropped file is obtained by copying the name of the originally executed file. If the folder does not exist, as in Windows 2000 and NT systems, it displays the following error message: Run-time error '76': Path not found It also adds two registry entries that allow it to automatically execute at every system startup. If you would like to scan your computer for WORM_BUGBROS.A or thousands of other worms, viruses, Trojans and malicious code, visit HouseCall, Trend Micro's free, online virus scanner at: http://housecall.trendmicro.com WORM_BUGBROS.A is detected and cleaned by Trend Micro pattern file #715 and above.