
Trojan.Win32.Buzus.ddbm

Posted: July 4, 2011

Trojan.Win32.Buzus.ddbm is a worm and a Trojan that installs the rogue security program known by the name of WinDefence. Rogue security programs like WinDefence will create fake infection warnings, along with the appearance of being a security application, to fool you into believing that your PC is riddled with infections. Since Trojan.Win32.Buzus.ddbm is a worm, in addition to being a Trojan, Trojan.Win32.Buzus.ddbm may also use network resources or removable drives to infect new computers. You should treat any sign of a Trojan.Win32.Buzus.ddbm infection as being a serious threat and delete Trojan.Win32.Buzus.ddbm from your PC with fully up-to-date anti-virus software.

Defending Your PC from Trojan.Win32.Buzus.ddbm's Worm Techniques

Although Trojan.Win32.Buzus.ddbm is popularly classified as a Trojan due to its primary payload, Trojan.Win32.Buzus.ddbm also uses worm-based tactics to infect additional PCs. This can include:

  • Creating copies of itself in network-shared locations of your computer. These copies may install themselves automatically whenever a new computer accesses the same location.
  • Creating copies of itself in removable drives, including CDs and USB 'thumb' drives. These Trojan.Win32.Buzus.ddbm clones will operate similarly to the ones noted above, by installing themselves as soon as the device is used by a computer that isn't already infected with Trojan.Win32.Buzus.ddbm.

Trojan.Win32.Buzus.ddbm may also create further copies of itself to make deleting Trojan.Win32.Buzus.ddbm infections difficult. In all cases, Trojan.Win32.Buzus.ddbm is likely to hide these files with the System and Hidden attributes.

To prevent any possible Trojan.Win32.Buzus.ddbm infections through these attacks, change your settings to show System and Hidden files, disable Autorun features and exercise caution around storage devices and network-shared folders. Many of the files that Trojan.Win32.Buzus.ddbm uses may bear harmless-seeming names such as update.exe, windows.exe or winbackup.exe.

Like most PC threats, Trojan.Win32.Buzus.ddbm will also exploit the Registry to allow Windows Debugging Agent's own automatic startup. Aliases of Trojan.Win32.Buzus.ddbm include Trojan.Gen, Virus.Win32.VB, Mal/VB-LJ and Worm:Win32/Rebhip.A.

Trojan.Win32.Buzus.ddbm's Trojan and Virus Characteristics

The main payload for Trojan.Win32.Buzus.ddbm is installing WinDefence or a similar rogue security program. These rogue security applications will fake security software features, in an attempt to steal money and credit card information. WinDefence possesses no genuine anti-virus or security features and should never be purchased.

Some variants of Trojan.Win32.Buzus.ddbm can also function in the form of spyware, by stealing passwords and keylogging. This information is thereafter sent to remote criminals. In order to send this stolen information, Trojan.Win32.Buzus.ddbm may disable or harm your security software. Common methods include making your firewall inoperable by deleting the relevant Registry values or adding an exception for itself into the firewall, so that your firewall ignores Trojan.Win32.Buzus.ddbm's traffic.

As a final danger for your computer, Trojan.Win32.Buzus.ddbm may also display virus-like characteristics and infect preexisting files. Trojan.Win32.Buzus.ddbm has been seen injecting code into the Internet Explorer 'iexplore.exe' process and, because of this, you should avoid using Internet Explorer until you're certain that you've removed Trojan.Win32.Buzus.ddbm.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %AppData%\addons.dat
    2 [file and pathname of the sample #1]

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}
      HKEY_CURRENT_USER\Software\Bifrost
      HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9D71D88C-C598-4935-C5D1-43AA4DB90836}
    HKEY..\..\..\..{RegistryKeys}
      HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo
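
A read-only PowerShell triage of the indicators and settings described on this page: executables hidden with the System and Hidden attributes, the listed Registry keys, %AppData%\addons.dat and the Autorun setting. This is an added example, not part of the original write-up; the `E:\` default folder and the `NoDriveTypeAutoRun` policy check are assumptions beyond what the page lists.

```powershell
# Read-only triage: nothing is deleted or changed, findings are returned as objects.
param([string]$Root = 'E:\')   # assumed default: a removable drive root or shared folder

$SuspectNames = 'update.exe', 'windows.exe', 'winbackup.exe'   # example names from the page
$RegistryKeys = @(                                             # keys listed on the page
    'HKCU:\Software\Bifrost'
    'HKLM:\SOFTWARE\Bifrost'
    'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{9D71D88C-C598-4935-C5D1-43AA4DB90836}'
    'HKLM:\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo'
)
$findings = @()

# 1. Executables carrying BOTH Hidden and System; -Force lists them even when Explorer hides them.
$mask = [IO.FileAttributes]'Hidden, System'
Get-ChildItem -LiteralPath $Root -Filter *.exe -File -Force -ErrorAction SilentlyContinue |
    Where-Object { ($_.Attributes -band $mask) -eq $mask } |
    ForEach-Object {
        $findings += [pscustomobject]@{
            Check  = 'Hidden+System executable'
            Item   = $_.FullName
            Detail = if ($SuspectNames -contains $_.Name) { 'name listed on page' } else { 'review manually' }
        }
    }

# 2. Registry keys from the "Registry Modifications" list (a hit is a lead to review, not proof).
foreach ($key in $RegistryKeys) {
    if (Test-Path -LiteralPath $key) {
        $findings += [pscustomobject]@{ Check = 'Registry key present'; Item = $key; Detail = 'listed on page' }
    }
}

# 3. The file listed under "File System Modifications".
$dat = Join-Path $env:APPDATA 'addons.dat'
if (Test-Path -LiteralPath $dat) { $findings += [pscustomobject]@{ Check = 'File present'; Item = $dat; Detail = 'listed on page' } }

# 4. Autorun: the machine policy value 0xFF disables it for every drive type (assumed check).
$policy = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$value  = (Get-ItemProperty -LiteralPath $policy -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
if ($value -ne 0xFF) {
    $findings += [pscustomobject]@{ Check = 'Autorun not disabled for all drives'; Item = $policy; Detail = "NoDriveTypeAutoRun = $value" }
}

$findings
```

Run it once per drive or share you want to inspect, passing the folder as `-Root`; reading the HKLM keys does not require elevation.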