BugBear backdoor is listening on this port. A cracker may connect to it to retrieve secret information, e.g. passwords or credit card numbers... The BugBear worm includes a key logger and can kill antivirus or personal firewall softwares. It propagates itself through email and open Windows shares. Depending on the antivirus vendor, it is known as: Tanatos, I-Worm.Tanatos, NATOSTA.A, W32/Bugbear-A, Tanatos, W32/Bugbear@MM, WORM_BUGBEAR.A, Win32.BugBear... http://www.sophos.com/virusinfo/analyses/w32bugbeara.html http://www.ealaddin.com/news/2002/esafe/bugbear.asp http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear@mm.html http://vil.nai.com/vil/content/v_99728.htm Reference : http://online.securityfocus.com/news/1034 Reference : http://support.microsoft.com/default.aspx?scid=KB en-us 329770&

- Use an Anti-Virus package to remove it. - Close your Windows shares - Update your IE browser See 'Incorrect MIME Header Can Cause IE to Execute E-mail Attachment' http://www.microsoft.com/technet/security/bulletin/MS01-020.mspx